Enabling Identity Providers debug logging for Cloud Director
Article ID: 315487
Updated On:
Products
VMware Cloud Director
Issue/Introduction
This article provides instructions for enabling debugging logging for identity providers(SAML,OIDC and LDAP).
Environment
VMware Cloud Director 10.x
Resolution
Modify the /opt/vmware/vcloud-director/etc/log4j.properties file on the cloud cells to include the relevant lines for the Identity Provider type/types being investigated:
- OIDC
log4j.logger.com.vmware.ssdc.backendbase.oauth.OIDCServiceImpl=TRACE, test.trace.logginglog4j.logger.com.vmware.ssdc.backendbase.usermanagement.OrgMemberProvider=TRACE, test.trace.logginglog4j.logger.com.vmware.vcloud.ui.h5auth.OAuthAuthenticationSuccessHandler=TRACE, test.trace.logginglog4j.appender.test.trace.logging=org.apache.log4j.RollingFileAppenderlog4j.appender.test.trace.logging.File=logs/vcloud-trace.loglog4j.appender.test.trace.logging.MaxFileSize=10240KBlog4j.appender.test.trace.logging.MaxBackupIndex=9log4j.appender.test.trace.logging.layout=com.vmware.vcloud.logging.layout.CustomPatternLayoutlog4j.appender.test.trace.logging.layout.ConversionPattern=%d{ISO8601} | %-8.8p | %-25.75t | %-30.50c{1} | %m | %x%nlog4j.appender.test.trace.logging.threshold=TRACE - LDAP
log4j.logger.com.vmware.ssdc.backendbase.usermanagement.LdapSyncHelper=TRACE, test.trace.logginglog4j.logger.com.vmware.ssdc.backendbase.ldap.LdapProviderImpl=TRACE, test.trace.logginglog4j.logger.com.vmware.ssdc.backendbase.ldap.LdapManagerImpl=TRACE, test.trace.logginglog4j.appender.test.trace.logging=org.apache.log4j.RollingFileAppenderlog4j.appender.test.trace.logging.File=logs/vcloud-trace.loglog4j.appender.test.trace.logging.MaxFileSize=10240KBlog4j.appender.test.trace.logging.MaxBackupIndex=9log4j.appender.test.trace.logging.layout=com.vmware.vcloud.logging.layout.CustomPatternLayoutlog4j.appender.test.trace.logging.layout.ConversionPattern=%d{ISO8601} | %-8.8p | %-25.75t | %-30.50c{1} | %m | %x%nlog4j.appender.test.trace.logging.threshold=TRACE - SAML
log4j.logger.com.vmware.vcloud.backendbase.security.web.SamlAuthenticationSuccessHandler=TRACE, test.trace.logginglog4j.logger.com.vmware.ssdc.backendbase.usermanagement.OrgMemberProvider=TRACE, test.trace.logginglog4j.appender.test.trace.logging=org.apache.log4j.RollingFileAppenderlog4j.appender.test.trace.logging.File=logs/vcloud-trace.loglog4j.appender.test.trace.logging.MaxFileSize=10240KBlog4j.appender.test.trace.logging.MaxBackupIndex=9log4j.appender.test.trace.logging.layout=com.vmware.vcloud.logging.layout.CustomPatternLayoutlog4j.appender.test.trace.logging.layout.ConversionPattern=%d{ISO8601} | %-8.8p | %-25.75t | %-30.50c{1} | %m | %x%nlog4j.appender.test.trace.logging.threshold=TRACE
Impact/Risks:
This is only meant for debugging short term issues. Once the issue is ready to be diagnosed, please disable the trace logging by removing the lines from the log4j.properties file again. Removing the lines setting the trace logging to on will keep the amount of information in the logs to a normal level.
Additional Information
For detailed information of the log configuration file and the configuration itself ,please refer to the steps in Configure Logging for the VMware Cloud Director Cells.
Feedback
Yes
No
Powered by
