Logging Tivoli Access Manager security

Use this topic to enable the trace specification to indicate tracing at the required level.

About this task

The Java™ Authorization Contract for Containers (JACC) for Tivoli® Access Manager provider messages are logged to the configured trace output location, and messages are written to standard out SystemOut.log file. When trace is enabled, all logging, both trace and messaging, is sent to the trace.log file.
[z/OS]Note: These messages are sent to CTRACE. CTRACE can write them to a CTRACE dataset, memory buffer, and/or the SYSPRINT data set for the region's started task.
Note: 這個主題參照一或多個應用程式伺服器日誌檔。 此外,在分散式和 IBM® i 系統上,另外也建議您可以配置伺服器來使用「高效能可延伸記載 (HPEL)」日誌和追蹤基礎架構,而不使用 SystemOut.logSystemErr.log, trace.logactivity.log 檔案。HPEL 與原生 z/OS® 記載機能也可以一起使用。如果您使用 HPEL,則可以從伺服器設定檔 bin 目錄,利用 LogViewer 指令行工具來存取您所有的日誌和追蹤資訊。請參閱有關利用 HPEL 疑難排解應用程式的資訊,以取得更多使用 HPEL 的相關資訊。

Procedure

  1. The amwas.node_server.pdjlog.properties file must be updated and the isLogging attribute set to true for the required component. For example, to enable tracing for the JACC provider for Tivoli Access Manager, set the following line to true: amwas.node_server.pdjlog.properties:baseGroup.AMWASWebTraceLogger.isLogging=true
  2. Enable tracing for the JACC provider of Tivoli Access Manager components in the WebSphere® Application Server administrative console by completing the following steps:
    1. Click Troubleshooting > Logs and Trace > server_name.
    2. Under Logs and Trace tasks, click Diagnostic trace.
    3. Select the Enable Log option.
    4. Click Apply.
    5. Click Troubleshooting > Logs and Trace > server_name.
    6. Click Change Log Detail Levels.
    7. Click Components. Tracing for all components can be enabled using the com.tivoli.pd.as.* command. Tracing for separate components can be enabled using the following commands:
      • com.tivoli.pd.as.rbpf.* for role-based policy framework tracing
      • com.tivoli.pd.as.jacc.* for JACC provider tracing
      • com.tivoli.pd.as.pdwas.* for the authorization table
      • com.tivoli.pd.as.cfg.* for configuration
      • com.tivoli.pd.as.cache.* for caching
      For more information, see Log level settings.
    8. Click Apply.

What to do next

The trace specification now indicates that tracing is enabled at the required level. Save the configuration and restart the server for the changes to take effect.

指出主題類型的圖示 作業主題



時間戳記圖示 前次更新: July 9, 2016 11:17
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=tsec_logging
檔名:tsec_logging.html