000036023 - Enable soap calls for RSA Adaptive Authentication OnPrem) Admin

Document created by RSA Customer Support Employee on Feb 21, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000036023
Applies ToRSA Product Set: Adaptive Authentication (OnPrem)
RSA Product/Service Type: Adaptive Authentication (OnPrem)
RSA Version/Condition: 7.X
 
IssueHow to enable SOAP calls log for Adaptive Authentication Admin.
ResolutionBy Default Enabling DEBUG mode on AA Admin log4j.properties file does not enable the SOAP calls.
Below are the steps and changes involved to enable the SOAP logging for AA Admin requests : 

1. Add the below filters to web.xml file located under AA Admin.war/WEB-INF folder : 

<filter>
                        <filter-name>WebServiceLoggingFilter</filter-name>
                        <filter-class>com.passmarksecurity.filter.WebServiceLoggingFilter</filter-class>
            </filter>
            <filter-mapping>
                        <filter-name>WebServiceLoggingFilter</filter-name>
                        <url-pattern>/services/AdaptiveAuthenticationAdmin</url-pattern>
            </filter-mapping>
            <filter-mapping>
                        <filter-name>WebServiceLoggingFilter</filter-name>
                        <url-pattern>/services/AdaptiveAuthenticationAdmin/*</url-pattern>
            </filter-mapping>


  
Please note that these parameters need to be present only ones in the file, if there are any existing values, it would be necessary to disable them by or delete them.

2. Edit the log4j.properties file located under AA Admin.war/WEB-INF/classes folder and add the below parameter:

log4j.logger.com.passmarksecurity.filter.WebServiceLoggingFilter=DEBUG, LOGFILE

This will ensure only SOAP requests to are written to the log file.
To enable all logging to DEBUG mode including SOAP calls, set the following parameter as mentioned below :

log4j.rootCategory=DEBUG


 
Once the changes are done, the application server is needed to be restarted.
To validate the soap calls, try searching for users in Backoffice Customer Service tab.
NotesWebsphere application server reads the Deployment Descriptor (web.xml) file from a different location. Hence the changes to web.xml in WAS environments is needed to be done in below path : 
IBM\WebSphere\AppServer\profiles\<profile_name>\cells\<cell_name>\applications\<ear_name>\deployments\<app_name>\<war_name>\WEB-INF\

Attachments

    Outcomes