Error at Line 0: Advanced Logging for your IIQ Code

Presenters: @alexander_jakimowic

Presentation:
LoggingFramework_Pres_1_2.pptx (3,2 MB)

Here you can find the code of the Framework (Java and RuleLibrary), The log4j2Admin.jsp page, and some admittedly rudimentary javadoc for the Java class. Please feel free to share any criticisms and suggestions for improvements you might have.
LoggingFramework.zip (562,3 KB)

2 Likes

I tweaked your code a bit to add authorization.



<%@ page import="java.util.*"%>
<%@ page import="sailpoint.api.*"%>
<%@ page import="sailpoint.object.*"%>
<%@ page import="sailpoint.service.quicklink.QuickLinkLauncher"%>

<%
SailPointContext context = SailPointFactory.getCurrentContext();
Identity identity = context.getObjectByName(Identity.class, context.getUserName());
Configuration systemConfig = context.getObjectByName(Configuration.class, "SystemConfiguration");
String baseUrl = (String) systemConfig.get("serverRootPath");
String redirect = baseUrl + "/home.jsf";
Identity.CapabilityManager localCapabilityManager = identity.getCapabilityManager();
        boolean userAuthorized = false;
        if (localCapabilityManager.hasCapability("SystemAdministrator")) {
                userAuthorized = true;
        }
 if (!userAuthorized) {
        response.sendRedirect(redirect);
 }
%>
1 Like

Thank you for the demo. Could you please share how do you view the log file with powershell - which command did you use in the video?

It seems like less in linux, but i cant figure it out.

Powershell was connected to my docker container on which IIQ was running. So in fact it was linux and i used “less” to view the log.

I used docker exec -it <containerName> bash to access the container.

Hi Alexander,
Nice video and nice tool so you dont need to go to log and enable disable manually then restart the server to enable the logs.

I have a question in the readme.txt you mention:
“place log4j2Admin.jsp page into your deployed identityiq webapp to try it out. Beware of necessary access control.
This is not included in the page natively”
Where exactly I should place the → log4j2Admin.jsp

in: my_installlation_windows/apache-tomcat/webapps/identityiq → just here??

what do you mean with → This is not included in the page natively

Thanks in advance

Dear @alexander_jakimowic,

Im trying to follow up the below

link:

so I downloand the zip file which contains the logginFramework.

  1. import the rule in my environement and adjust the package
  2. upload the rule in iiq
    but Its not clear what it means:
    “place log4j2Admin.jsp page into your deployed identityiq webapp to try it out. Beware of necessary access control.
    This is not included in the page natively”
    Where exactly I should place the → log4j2Admin.jsp’

then i just run the iiq and what url i should go to see the log4j2 page to enable the logs?

Thank in advance

For Windows:

  • Using Windows Explorer go to the directory where IdentityIQ is deployed (something like: d:\tomcat\webapps\identityiq)
  • Save the jsp file in this directory (I normally would place it in directory ....\identityiq\adminConsole as this is less obvious and still accessible

For Unix:

  • Save the jsp file in the directory where IdentityIQ is deployed (something like: /opt/tomcat/webapps/identityiq)
    (I normally would place it in directory ..../identityiq/adminConsole as this is less obvious and still accessible)

Than use a browser (Chrome/Edge/Safari/…) and browse to http:///identityiq/adminConsole/log4j2Admin.jsp

I hope this helps :slight_smile:

– Remold

Thank you so much Remold!! i get it running

Dear community,

I have a question where you paste the src
image

@Remold could you help me here, thanks in advance

That would be a question for @alexander_jakimowic :wink:

1st of all yo should start using the Services Standard Build (SSB) (or Services Standard Deployment (SSD)) for your IdentityIQ Development.
The SSB provides a standard way of building an IdentityIQ configuration and deployment of all the IdentityIQ artifacts.

The LoggingFramework as shown in this Developer Day Presentation is a zip-file which can be directly unpacked in the SSB folder. (See also the ReadMe.txt in the zip-file: place java class form src/icc/logging/ into your own sources.). So it should be src/icc/logging/ and run a build/deployment using the SSB.

– Remold