Previous      Contents      Index      Next
Sun[TM] Identity Manager 8.0 Tuning, Troubleshooting, and Error Messages

Chapter 3
Errors and Exceptions

This chapter describes the error and exception messages generated by Identity Manager. The information is organized as follows:

Before You Begin
About Identity Manager Errors and Exceptions
Viewing Errors in the System Log Report
Customizing a Default Error Message

---

Before You Begin

Review the following sections before you start working with Identity Manager error and exception messages:

Intended Audience
Important Notes
Related Documentation and Web Sites

Intended Audience

This chapter is intended for system administrators and deployers who need additional information about the errors and exceptions generated by Identity Manager.

You must have a background in programming and experience working with XML and Java.

Important Notes

Be sure to read the following information before working with Identity Manager error and exception messages:

Examples in this chapter use a locale (xx_XX locale) that was devised for example purposes only.
When you interpret error messages, be aware of the following:
Some messages have different keys but display the same error message text.
Some messages are used by multiple components.
Exceptions are generally listed by exception type, component, or both.
Some exceptions are caused by internal programming errors that cannot be viewed by Identity Manager users.
Some exceptions are simple wrappers and their parameters are the entire exception. For example, Identity Manager exceptions wrap resource messages, adapter code, and multi-part exceptions, such as password policy violations.
If you are using parameterized messages with single or double quotes in the message, you must use an additional single or double quote to escape the message. (You will see only one quote symbol when the message is output to the system.)

For example, the following message begins and ends with two single quote marks:

‘’0}’’

If you need help diagnosing problems, contact Sun Technical Support:

http://www.sun.com/service/online/us

Related Documentation and Web Sites

In addition to the information provided in this chapter, consult the publications and web sites listed in this section for information related to tuning Identity Manager for your deployment.

Recommended Reading

See the following publications for information related to Identity Manager error and exception messages:

For information about creating a customized message catalog, see Identity Manager Technical Deployment Overview for instructions.
For information about creating or editing System Log reports, see Identity Manager Administration.

Useful Web Sites

The following table describes some web sites you might find useful:

Table 3-1  Useful Web Sites

Web Site URL	Description
http://sharespace.sun.com/gm/document-1.26.2296	Identity Manager FAQ on Sun’s Share Space Note: You must sign up for a Share Space ID to access this FAQ.
http://sunsolve.sun.com/	Sun web site containing diagnostic tools, forums, features and articles, security information, and patch contents Note: The information on this site is partitioned into three areas, Internal: Sun employees only Contract: Available only to customers with contract access Public: Available to everyone
http://www.sun.com/service/online/us	Sun Technical Support web site

---

About Identity Manager Errors and Exceptions

This section describes the Identity Manager error and exception message system and the components that can generate errors and exceptions.

The information is organized into the following sections:

Where Messages Are Stored
How Messages Are Displayed
Error Severity Levels

Where Messages Are Stored

Error messages are stored as follows:

Identity Manager messages are stored in a WPMessages.properties file in the idmcommon.jar file and in an in RAMessages.properties in the idmadapter.jar.
The WPMessages.properties file is located in project_directory/waveset/idm/common/src/com/waveset/msgcat
The RAMessages.properties file is located in project_directory/waveset/idm/adapter/src/com/waveset/adapter
Identity Manager Service Provider uses a standard Java message resource bundle for displaying strings in the user interface. This resource bundle is normally included in the idmspe.jar file and must be extracted if you plan to customize message strings.

$ cd $WSHOME/WEB-INF/classes
$ jar xvf ../lib/idmspe.jar com/sun/idm/idmx/msgcat/I
DMXMessages.properties

Identity Auditor messages are stored in the AUMessages.properties file, which is located in

project_directory/waveset/idm/auditor/src/com/sun/idm/auditor/msgcat/
AUMessages.properties

The Data Exporter's default implementation includes its own message bundle, called WICMessages.properties. The WICMessages.properties file is located in the exporter.jar file in

com/sun/idm/warehouse/msgcat/WICMessages.properties

Note	You can create a customized message catalog to add messages or to modify messages provided with the system. See “Customizing Message Catalogs” in Identity Manager Technical Deployment Overview for instructions.

How Messages Are Displayed

For easy identification, Identity Manager displays page-level error and exception messages along the top of the page as boxed text with a unique error icon.

Figure 3-1  Example Login Authentication Error

Note	In the Identity Manager messaging system, items displayed as {0} or {1} represent parameters that are supplied by code. For example, The file is larger than the maximum supported length of {0} bytes. In this exception, the code replaces the {0} with the parameter value representing the maximum number of bytes.

Error Severity Levels

Within Identity Manager, error severities are defined as follows:

Fatal: A severe error that causes your system to crash, resulting in the loss or corruption of unsaved data.
Error: A severe error that might cause the loss or corruption of unsaved data. Immediate action must be taken to prevent losing data.
Warning: Action must be taken at some stage to prevent a severe error from occurring in the future.
Info: An informative message, usually describing server activity. No action is necessary.

Note	You can check the Identity Manager System Log for more information about an error or exception message. (See Viewing Errors in the System Log Report.)

---

Viewing Errors in the System Log Report

System Log reports can provide information about errors generated by Identity Manager. The System Log report consists of the error’s timestamp, severity, server name, component name, error code or ID, stack trace (structure of the execution stack at that point in the program's life), and error text information.

You can use Identity Manager’s Administrator interface or command-line interface to run and view System Log reports.

Note	Instructions for creating and editing System Log reports are provided in Identity Manager Administration.

To Run a System Log Report From the Administrator Interface

Perform the following steps to run a System Log report from the Administrator interface:

Log in to the Identity Manager Administrator interface.
Select Reports > Run Reports to open the Run Reports page.
Locate the appropriate System Log Report entry in the Report Type column, and then click the Run button in that same row.

The Report Results page displays, listing the system messages that were reported during the specified interval. For example, Figure 3-2 depicts information about two system messages.

Figure 3-2  Example Report Results Page



The Report Results table shows the following information:
Timestamp: Shows the day, date, and time the error occurred.

Click the Timestamp links to view detailed information about that System Log record. For example, if you clicked the first Timestamp link shown in Figure 3-2, the following information displays.

Figure 3-3  Partial System Log Record Detail



Event: Identifies the syslog ID of the target entry (when applicable).
Severity: Shows the severity level of the error:
Fatal: A severe error that causes the system to crash, resulting in the loss or corruption of unsaved data.
Error: A severe error that might cause the loss or corruption of unsaved data. Immediate action must be taken to prevent losing data.
Warning: Action must be taken at some stage to prevent a severe error from occurring in the future.
Info: An informative message, usually describing server activity. No action is necessary.
Server: Identifies the server on which the error occurred.
Component: Identifies the system component that generated the error.
Error Code: Shows the error code associated with that error.
Message: Shows the actual error message text.

To Run a System Log Report From the Command-Line Interface

Note	These instructions assume you are familiar with the Identity Manager command-line interface and lh commands. For more information, read “Appendix A: lh Reference” in Identity Manager Administration.

Perform the following steps to run and view a System Log report from the command line:

Open a command window.
Change directories to the default Identity Manager installation directory.
At the prompt, type the lh syslog [options] command.

Use these options to include or exclude information:

-d Number: Show records for the previous number of days (default=1)
-F: Show only records with fatal severity level
-E : Show only records with error severity level or higher
-i logid: Show only records with a specified Syslog ID

Syslog IDs are displayed on some error messages and reference a specific System Log entry.

-W : Show only records with warning severity level or higher (default)
-X: Include reported cause of error, if available

---

Customizing a Default Error Message

Note	To add message catalog entries or to modify entries provided with the system, you must create a customized message catalog. See Identity Manager Technical Deployment Overview for instructions.

Identity Manager’s default error messages are stored in a WPMessages.properties file in the idmcommon.jar file and in an RAMessages.properties file in the idmadapter.jar.

The WPMessages.properties file is located in project_directory/waveset/idm/common/src/com/waveset/msgcat
The RAMessages.properties file is located in project_directory/waveset/idm/adapter/src/com/waveset/adapter

The Identity Manager Service Provider’s default error messages are located in the IDMXMessages.properties file.

You can customize these default error messages by modifying attributes in the ErrorUIConfig object provided with that message.

To modify the ErrorUIConfig object:

Log in to Identity Manager Administrator interface.
Open the System Settings page by typing http://host:port/idm/debug in to your browser.
Locate the Type menu, located next to the List Objects button. Choose Configuration from the menu.

Figure 3-4  List Objects Type Menu



Click the List Objects button.
On the List Objects of type: Configuration page, click the ErrorUIConfig edit link.

The following example shows the XML for an ErrorUIConfig object on Checkout Object: Configuration page:

Code Example 3-1  Example ErrorUIConfig XML Source

<?xml version='1.0' encoding='UTF-8'?> <!DOCTYPE Configuration PUBLIC 'waveset.dtd' 'waveset.dtd'> <!-- MemberObjectGroups="#ID#Top" extensionClass="GenericObject" id="#ID#9787BA467E01441B:178655:1156195C008:-7FFE" lastModifier="com.waveset.object.ErrorUIConfig" name="ErrorUIConfig"--> <Configuration id='#ID#9787BA467E01441B:178655:1156195C008:-7FFE' name='ErrorUIConfig' lock='Configurator#1200600790328' creator='com.waveset.object.ErrorUIConfig' createDate='1191343145328' lastModifier='com.waveset.object.ErrorUIConfig' lastModDate='1191343145328'> <Extension> <Object> <Attribute name='Enabled'> <Boolean>true</Boolean> </Attribute> <Attribute name='ErrorMsgID' value='UI_ERROR_DEFAULT_FATAL_MESSAGE'/> </Object> </Extension> <MemberObjectGroups> <ObjectRef type='ObjectGroup' id='#ID#Top' name='Top'/> </MemberObjectGroups> </Configuration>

You can modify the following ErrorUIConfig object attributes:
Enabled: Controls whether the message is enabled (true) or disabled (false).

Note	The ability to disable this attribute is provided for backward-compatibility; however, disabling this attribute will result in cryptic messages and you will not see the typical extended messages in the System Log.

ErrorMsgID: Identifies the error message to be displayed.

Change the ErrorMsgID attribute value to provide the message text you want displayed.

The current setting for this attribute is as follows, and it references the UI_ERROR_DEFAULT_FATAL_MESSAGE message in the message catalog:

<Attribute name='ErrorMsgID' value='UI_ERROR_DEFAULT_FATAL_MESSAGE'/>

Note	If you are using parameterized messages with single or double quotes in the message, you must use an additional single or double quote to escape the message. (You will see only one quote symbol when the message is output to the system.) For example, the following message begins and ends with two single quote marks: ‘’{0}’’

When you are finished, click Save to save your changes.

Note	If you have difficulty creating a default error message, contact your Administrator or Administrator hotline.

Previous      Contents      Index      Next

---

Part No: 820-2962-10.   Copyright 2008 Sun Microsystems, Inc. All rights reserved.