Operating Systems: i5/OS
Personalize the table of contents and search results
Logging Tivoli Access Manager security
Use this topic to enable the trace specification to indicate tracing
at the required level.
Overview
The Java Authorization Contract for Containers (JACC) for Tivoli
Access Manager provider messages are logged to the configured trace output
location, and messages are written to standard out SystemOut.log file.
When trace is enabled, all logging, both trace and messaging, is sent to the trace.log file.
Procedure
- The amwas.node_server.pdjlog.properties file
must be updated and the isLogging attribute set to true for
the required component. For example, to enable tracing for the JACC provider
for Tivoli Access Manager, set the following line to true: amwas.node_server.pdjlog.properties:baseGroup.AMWASWebTraceLogger.isLogging=true
- Enable tracing for the JACC provider of Tivoli Access Manager components
in the WebSphere Application Server administrative console by completing the
following steps:
- Click Troubleshooting > Logs and Trace > server_name.
- Under Logs and Trace tasks, click Diagnostic trace.
- Select the Enable Log option.
- Click Apply.
- Click Troubleshooting > Logs and Trace > server_name.
- Click Change Log Detail Levels.
- Click Components. Tracing for all components can be enabled
using the com.tivoli.pd.as.* command. Tracing for separate components
can be enabled using the following commands:
- com.tivoli.pd.as.rbpf.* for role-based policy framework tracing
- com.tivoli.pd.as.jacc.* for JACC provider tracing
- com.tivoli.pd.as.pdwas.* for the authorization table
- com.tivoli.pd.as.cfg.* for configuration
- com.tivoli.pd.as.cache.* for caching
For more information, see Log level settings.
- Click Apply.
What to do next
The trace specification now indicates that tracing is enabled at
the required level. Save the configuration and restart the server for the
changes to take effect.
}
Tivoli Access Manager loggers
Related tasks
Enabling an external JACC provider
|