Oracle® Adaptive Access Manager Installation and Configuration Guide Release 10g (10.1.4.5) Part Number E12050-03 |
|
|
View PDF |
Rule logging records the required rule processing information so that the Rule Administrator can monitor the required information from a user session.
The properties used to enable/disable and specify the Runtime for Rule logging are listed below.
vcrypt.tracker.rules.trace.policySet=[true|false] vcrypt.tracker.rules.trace.policySet.<runtime string value>=[true|false]
Use the Properties Editor to edit these properties.
In the scenario, the Post-Authentication Runtime will be used. The Runtime string value for
profile.type.enum.postauth.name=Post-Authentication
is "postauth".
The flow of how Rule logging works is as follows:
The Rules Engine first checks to see if a configuration exists for vcrypt.tracker.rules.trace.policySet.postauth
.
If there is no configuration value set, the Rules Engine will check the configuration value of vcrypt.tracker.rules.trace.policySet
.
The default value for vcrypt.tracker.rules.trace.policySet
is "true".
The matrix below shows an example of how value combinations control logging during a specified Runtime.
value of vcrypt.tracker.rules.trace.policySet.postauth | value of vcrypt.tracker.rules.trace.policySet | Will Rule logging be enabled for the postauth Runtime? |
---|---|---|
true | false | yes |
true | true | yes |
true | not set | yes |
false | false | no |
false | true | no |
false | not set | no |
not set | false | no |
not set | true | yes |
not set | not set | yes |
The properties to control which Rules are logged are shown below.
vcrypt.tracker.rules.trace.notTriggered=[true|false] vcrypt.tracker.rules.trace.notTriggered.logMillis=[millis]
If vcrypt.tracker.rules.trace.notTriggered
is set to "true," Rules that are not triggered are also logged.
The value of vcrypt.tracker.rules.trace.notTriggered.logMillis
will narrow down which Rules are shown.
If the Rule execution for non-triggered Rules exceeds the value of vcrypt.tracker.rules.trace.notTriggered.logMillis
, only then will the Rules Engine log the non-triggered Rules.
The table below shows the property values that control what Rules get logged.
vcrypt.tracker.rules.trace.notTriggered | vcrypt.tracker.rules.trace.notTriggered.logMillis | Result |
---|---|---|
true | n | Logs the non-triggered Rules that took more than "n". If "n" is set to a negative value, all Rules are logged |
false | n | None of the non-triggered Rules will be logged |