X
  • Sun
    December 2, 2009

Debug xmlsec

Guest Author
OpenSSO uses xmlsec API to verify digital signature. In case the API returns a false, but you have no idea about the cause when just looking at the XML doc, you may want see debug messages printed out from the xmlsec APIs.
Since xmlsec uses standard java.util.logging packages to log debug messages. So you can pass a jvm option -Djava.util.logging.config.file=log.properties in web container config file with content in log.properties looks like following
handlers = java.util.logging.FileHandler
.level = INFO
java.util.logging.FileHandler.pattern = %h/java%u.log
java.util.logging.FileHandler.limit = 50000
java.util.logging.FileHandler.count = 1
java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
java.util.logging.ConsoleHandler.level = INFO
java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
com.sun.org.apache.xml.internal.level = FINEST
All of the above except the last line are original from "lib/logging.properties" in the JRE directory. You can modify java.util.logging.FileHandler.pattern to be set to a desired location, otherwise, the log will be written to a file java0.log in the user's home directory. Also you need to make sure log.properties stored under a directory in the classpath.
Note, OpenSSO uses xmlsec.jar/webservices-rt.jar of Sun's own implementation. When you work on other project using xmlsec packages download on apache site, you need set
org.jcp.xml.dsig.internal.level = FINEST

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.