Chapter 6 Errors and Exceptions

This chapter describes the error and exception messages generated by Identity Manager.

The topics in this chapter include:

• Before Working with Identity Manager Messages

• About Identity Manager Errors and Exceptions

• Viewing Errors in the System Log Report

• Customizing a Default Error Message

Before Working with Identity Manager Messages

Review the following information before you start working with Identity Manager error and exception messages:

Important Notes About Identity Manager Messages

Be sure to read the following information before you start working with Identity Manager error and exception messages:

• Examples in this chapter use a locale (xx_XX locale) that was devised for example purposes only.

• When you interpret error messages, be aware of the following:

  • Some messages have different keys but display the same error message text.

  • Some messages are used by multiple components.

  • Exceptions are generally listed by exception type, component, or both.

  • Some exceptions are caused by internal programming errors that cannot be viewed by Identity Manager users.

  • Some exceptions are simple wrappers and their parameters are the entire exception. For example, Identity Manager exceptions wrap resource messages, adapter code, and multipart exceptions, such as password policy violations.

• If you are using parameterized messages with single or double quotes in the message, you must use an additional single or double quote to escape the message. (You will see only one quote symbol when the message is output to the system.)

  For example, the following message begins and ends with two single quote marks:

  ”’0}’’

• If you need help diagnosing problems, contact Sun Technical Support:

  http://www.sun.com/service/online/us

Related Documentation and Web Sites

In addition to the information provided in this chapter, consult the documents and web sites listed in this section for information related to tuning Identity Manager for your deployment.

Recommended Reading

See the following documents for information related to Identity Manager error and exception messages:

• For information about creating a customized message catalog, see Chapter 9, Customizing Message Catalogs, in Sun Identity Manager Deployment Guide.

• For information about creating or editing System Log reports, see SystemLog Reports in Sun Identity Manager 8.1 Business Administrator’s Guide.

Useful Web Sites

The following table describes some web sites you might find useful.

Table 6–1 Useful Web Sites

Web Site URL	Description
http://sharespace.sun.com/gm/document-1.26.2296	Identity Manager FAQ on Sun’s Share Space  Note: You must sign up for a Share Space ID to access this FAQ.
http://sunsolve.sun.com/	Sun web site containing diagnostic tools, forums, features and articles, security information, and patch contents  Note: The information on this site is partitioned into three areas: Internal. Sun employees only Contract. Available only to customers with contract access Public. Available to everyone
http://www.sun.com/service/online/us	Sun Technical Support web site

About Identity Manager Errors and Exceptions

This section describes the Identity Manager error and exception message system and the components that can generate errors and exceptions.

The information is organized into the following sections:

• Where Messages Are Stored

• How Messages Are Displayed

• Error Severity Levels

Where Messages Are Stored

Error messages are stored as follows:

• Identity Manager messages are stored in a WPMessages.properties file in the idmcommon.jar and in the RAMessages.properties file in the idmadapter.jar.

• The WPMessages.properties file is located in project_directory/waveset/idm/common/src/com/waveset/msgcat.

• The RAMessages.properties file is located in project_directory/waveset/idm/adapter/src/com/waveset/adapter.

  Sun Identity Manager Service Provider uses a standard Java message resource bundle for displaying strings in the user interface. This resource bundle is normally included in the idmspe.jar file and must be extracted if you plan to customize message strings.

  $ cd $WSHOME/WEB-INF/classes
  $ jar xvf ../lib/idmspe.jar com/sun/idm/idmx/msgcat/I
  DMXMessages.properties

• Identity Auditor messages are stored in the AUMessages.properties file, which is located in

  project_directory/waveset/idm/auditor/src/com/sun/idm/auditor/msgcat/
  AUMessages.properties

• The Data Exporter’s default implementation includes its own message bundle, called WICMessages.properties. The WICMessages.properties file is located in the exporter.jar file in

  com/sun/idm/warehouse/msgcat/WICMessages.properties

---

Note –

You can create a customized message catalog to add messages or to modify messages provided with the system.

See Chapter 9, Customizing Message Catalogs, in Sun Identity Manager Deployment Guide for instructions.

---

How Messages Are Displayed

For easy identification, Identity Manager displays page-level error and exception messages along the top of the page as boxed text with a unique error icon.

Figure 6–1 Example Login Authentication Error

---

Note –

In the Identity Manager messaging system, items displayed as {0} or {1} represent parameters that are supplied by code. For example:

The file is larger than the maximum supported length of
 {0} bytes.

In this exception, the code replaces the {0} with the parameter value representing the maximum number of bytes.

---

Error Severity Levels

Within Identity Manager, error severities are defined as follows:

• Fatal. A severe error that causes your system to crash, resulting in the loss or corruption of unsaved data.

• Error. A severe error that might cause the loss or corruption of unsaved data. Immediate action must be taken to prevent losing data.

• Warning. Action must be taken at some stage to prevent a severe error from occurring in the future.

• Info. An informative message, usually describing server activity. No action is necessary.

---

Note –

You can check the Identity Manager System Log for more information about an error or exception message. (See Viewing Errors in the System Log Report.)

---

Viewing Errors in the System Log Report

System Log reports can provide information about errors generated by Identity Manager. The System Log report consists of the error’s timestamp, severity, server name, component name, error code or ID, stack trace (structure of the execution stack at that point in the program’s life), and error text information.

You can use Identity Manager’s Administrator interface or command-line interface to run and view System Log reports.

---

Note –

Instructions for creating and editing System Log reports are provided in Sun Identity Manager 8.1 Business Administrator’s Guide.

---

To Run a System Log Report From the Administrator Interface

Perform the following steps to run a System Log report from the Administrator interface:

1. Log in to the Identity Manager Administrator interface.

2. Select Reports -> Run Reports to open the Run Reports page.

3. Locate the appropriate System Log Report entry in the Report Type column, and then click the Run button in that same row.

   The Report Results page displays, listing the system messages that were reported during the specified interval. For example, Figure 6–2 depicts information about two system messages.

   Figure 6–2 Example Report Results Page

   
   

   The Report Results table shows the following information:

   • Timestamp. Shows the day, date, and time the error occurred.

     Click the Timestamp links to view detailed information about that System Log record. For example, if you clicked the first Timestamp link shown in Figure 6–2, the following information displays.

     

   • Event. Identifies the syslog ID of the target entry (when applicable).

   • Severity. Shows the severity level of the error.

     Severity levels include

     • Fatal. A severe error that causes the system to crash, resulting in the loss or corruption of unsaved data.

     • Error. A severe error that might cause the loss or corruption of unsaved data. Immediate action must be taken to prevent losing data.

     • Warning. Action must be taken at some stage to prevent a severe error from occurring in the future.

     • Info. An informative message, usually describing server activity. No action is necessary.

   • Server. Identifies the server on which the error occurred.

   • Component. Identifies the system component that generated the error.

   • Error Code. Shows the error code associated with that error.

   • Message. Shows the actual error message text.

To Run a System Log Report From the Command-Line Interface

---

Note –

These instructions assume you are familiar with the Identity Manager command-line interface and lh commands. For more information, read Appendix A, lh Reference, in Sun Identity Manager 8.1 Business Administrator’s Guide.

---

Perform the following steps to run and view a System Log report from the command line:

1. Open a command window.

2. Change directories to the default Identity Manager installation directory.

3. At the prompt, type the lh syslog [options ] command.

   Use these options to include or exclude information:

   • -d: Number – Show records for the previous number of days (Default is 1.)

   • -F – Show only records with fatal severity level

   • -E – Show only records with an error severity level or higher

   • -i logid – Show only records with a specified Syslog ID

     Syslog IDs are displayed on some error messages and reference a specific System Log entry.

   • -W – Show only records with a warning severity level or higher (default)

   • -X – Include reported cause of error, if available

Customizing a Default Error Message

---

Note –

To add message catalog entries or to modify entries provided with the system, you must create a customized message catalog. See Chapter 9, Customizing Message Catalogs, in Sun Identity Manager Deployment Guide for instructions.

---

Identity Manager’s default error messages are stored in a WPMessages.properties file in the idmcommon.jar file and in an RAMessages.properties file in the idmadapter.jar.

• The WPMessages.properties file is located in project_directory/waveset/idm/common/src/com/waveset/msgcat

• The RAMessages.properties file is located in project_directory/waveset/idm/adapter/src/com/waveset/adapter

The Identity Manager Service Provider’s default error messages are located in the IDMXMessages.properties file.

You can customize these default error messages by modifying attributes in the ErrorUIConfig object provided with that message.

To Modify the ErrorUIConfig Object:

1. Log in to Identity Manager Administrator interface.

2. Open the System Settings page by typing http:// host:port/idm/debug in to your browser.

3. Locate the Type menu, located next to the List Objects button. Choose Configuration from the menu.

   Figure 6–3 List Objects Type Menu

   
   

4. Click the List Objects button.

5. On the List Objects of type: Configuration page, click the ErrorUIConfig edit link.

   The following example shows the XML for an ErrorUIConfig object on Checkout Object: Configuration page:

   <?xml version=’1.0’ encoding=’UTF-8’?> <!DOCTYPE Configuration PUBLIC ’waveset.dtd’ ’waveset.dtd’> <!-- MemberObjectGroups="#ID#Top" extensionClass="GenericObject" id="#ID#9787BA467E01441B:178655:1156195C008:-7FFE" lastModifier="com.waveset.object.ErrorUIConfig" name="ErrorUIConfig"--> <Configuration id=’#ID#9787BA467E01441B:178655:1156195C008:-7FFE’ name=’ErrorUIConfig’ lock=’Configurator#1200600790328’ creator=’com.waveset.object.ErrorUIConfig’ createDate=’1191343145328’ lastModifier=’com.waveset.object.ErrorUIConfig’ lastModDate=’1191343145328’> <Extension> <Object> <Attribute name=’Enabled’> <Boolean>true</Boolean> </Attribute> <Attribute name=’ErrorMsgID’ value=’UI_ERROR_DEFAULT_FATAL_MESSAGE’/> </Object> </Extension> <MemberObjectGroups> <ObjectRef type=’ObjectGroup’ id=’#ID#Top’ name=’Top’/> </MemberObjectGroups> </Configuration>

6. You can modify the following ErrorUIConfig object attributes:

   • Enabled. Controls whether the message is enabled (true) or disabled (false).

     ---

     Note –

     The ability to disable this attribute is provided for backward-compatibility; however, disabling this attribute will result in cryptic messages and you will not see the typical extended messages in the System Log.

     ---

   • ErrorMsgID. Identifies the error message to be displayed.

     Change the ErrorMsgID attribute value to provide the message text you want displayed.

     The current setting for this attribute is as follows, and it references the UI_ERROR_DEFAULT_FATAL_MESSAGE message in the message catalog:

     <Attribute name=’ErrorMsgID’ value=’UI_ERROR_DEFAULT_FATAL_MESSAGE’/>

     ---

     Note –

     If you are using parameterized messages with single or double quotes in the message, you must use an additional single or double quote to escape the message. (You will see only one quote symbol when the message is output to the system.)

     For example, the following message begins and ends with two single quote marks:

     ”’{0}’’

     ---

7. When you are finished, click Save to save your changes.

   ---

   Note –

   If you have difficulty creating a default error message, contact your Administrator or Administrator hotline.

   ---