|Applies To||RSA Access Manager 6.1 SP3|
|Issue||Access Manager Adaptive Authentication log file $AxMHome/bin/logs/aa-onpremise-adapter.log grows excessively|
The logs in directory in $AxMHOME/bin/logs/ such as aa-onpremise-adapter.log grow in size even if Adaptive Authentication is not configured. The log files contain a copy of every Access Manager log event normally sent to the lserver or server log files.
2010-12-17 11:03:43,776 [QueueDispatcher] INFO sirrus.logging.Log4JWriter (Log4JWriter.java:334) - sequence_number=8,2010-12-17 11:03:43:776 PST,messageID=108,event_type=Connection error,event_details=Unable to connect to the Instrumentation Server.
|Cause||RSA Access Manager SP3 Adaptive Authentication log4j settings inadvertently affect Access Manager logging as well as those for Adaptive Authentication. The default log4j settings echo all INFO level log events to the log file in /bin/logs/. The log4j settings in SP3 are hard coded in the aa-onpremise-adapter-6021-6.1.3.jar file. This file is signed and cannot be modified or edited by the user.|
|Resolution||This issue is resolved in hotfix 6.1.3.02 for RSA Access Manger 6.1 Contact RSA Support and request this hotfix. This file contains a new adaptive auth jar file called aa-onpremise-adapter-6021-6.1.3.02.jar This version of the jar file does not set any log4j logging settings and will not create logs in /bin/logs directory. Note that updating to the latest axm-core.jar file will not resolves this issue. Customers must update to a hotifx that contains a new version of the aa-onpremise-adapter-6021-6.1.3.02.jar file. |
This hotfix also contains a new jar file called aa-onpremise-logging-6.1.3.02.jar file. This jar file contains a log4j.properties file that may be edited to enable provide additional Adaptive Authentication logging if desired. This jar file should only be copied over to the Access Manger lib directory if debug level adaptive authentication logging is desired.
Ensure when archiving or backing up java jar files that they are archived outside of the lib directory and outside of the Java path. Renaming a jar file, for example to aa-onpremise-logging-6.1.3.02.jar_backup is not sufficient.
Note for additional information on how to configure Adaptive Authentication logging see PRIMUS solution a50635
|Workaround||Applied SP3 for Access Manager 6.1 (Version 6.1.SP3 (Build ID: 20101206035808-0500-1188443)) |
Applied aa-onpremise-adapter-6021-6.1.3.jar file.
|Legacy Article ID||a53622|