Dynamically enabling/disabling debug mode in the Access Manager Server
By user12601562 on Dec 15, 2006
In the previous versions of Access Manager servers, to enable the server to debug message mode from the default error mode, one needs to set the com.iplanet.services.debug.level=message in the AMConfig.properties. That is not it, the webcontainer on which the Access Manager is deployed needs to be restarted. This is almost impossible in a production scenario, customers do not want to stop the server or sometimes the anamoly that is being experienced by the customer may not show up if the server is restarted. So there has to be a mechanism to dynamically enable/disable the server's debug level.
In the Latest version of the Java ES Access Manager release 7.1(Java ES 5)(some of the Access Manager 7.0 patches also provide this option in a limited manner), it provides a JSP Debug.jsp utility to configure the component level debug level(error,warning and message) message is the most verbose mode. This JSP is deployed right under the services deploy URI. For eg: http://amhost.example.com:8080/amserver/Debug.jsp
To invoke this JSP you need to have toplevel admin privileges. Authenticate as amadmin user then access this page http://amhost.example.com:8080/amserver/Debug.jsp, it will show you the list of Access Manager components and the usage on how to set the individual components in to debug mode.
The format of the invocation URL is(it is different in OpenSSO) <protocol>://amhost.fqdn:port/service_deploy_uri/Debug.jsp?category=CATEGORY&level=LEVEL
CATEGORY could be any one of the following
LEVEL should be one of the following
- 1 (error)
- 2 (warning)
- 3 (message)
Whatever mode you set using this JSP Debug.jsp is valid only for the current JVM, once the JVM is restarted then the value in the com.iplanet.services.debug.level property will take in to effect, note that this property is global for all the components in the Access Manager server. Unlike the Debug.jsp, this property is not supporting the component level debug enable/disable.
In the opensso case, configuring the debug level is sophisticated and simple. All you need to do is to login as top level administrator of OpenSSO system, When you access the Debug.jsp it will showup a screen with pulldown menu to select the debug level and the opensso component to be set to that debug level, hit submit that is it! It is that simple.