CAS GH debugging

Overview

CAS GH uses log4j features to log.

The properties of the log4j logger are defined in the webpages/WEB-INF/LoggerConf.xml of the esup-casgeneric package.

For the three (esup-casgeneric, esup-cas-server and esup-cas-quick-start) packages, this file relies on the following properties, defined in the properties/build.properties file:

• esup-casgeneric.log.path
• esup-casgeneric.log.level

esup-casgeneric.log.path

This property defines the location of the CAS Generic Handler log file. If you use a relative path, it will be relative to your servet container's root directory.

The default value for this property is:

esup-casgeneric.log.path=logs/esup-casgeneric.log

esup-casgeneric.log.level

This property defines the (log4j) log level to use when logging with CAS GH. Allowed values are ERROR, WARN, INFO and DEBUG.

The most usual value for this property is INFO, as CAS GH will then echo informations, warnings and errors. It is the recommended value, and thus set by default.

To debug your authentication process, you have to set this property to true (to allow debugging output) and configure your authentication handlers to print debugging informations (see below).

Debugging configuration

At first, allow debugging output (see above).

Then you have to precise the part of your authentication process your want to debug. Debugging can be set at three different levels:

• at the main level, by adding a debug="on" attribute to the main <authentication> XML element of the configuration. With this attribute, all the elements of the authentication process (handlers and servers) will be debugged by default (if not precised otherwise at a handler or server-level).
• at a handler-level, by adding the same debug="on" attribute to any <handler> XML element. With this attribute, the handler, and possibly its redundant servers, will be debugged. With a debug="off" attribute, the handler will not be debugged, even if debugging mode was set at the main level. Without any debug attribute, the handler will follow he main level policy.
• at a server-level, by adding the same debug="on" attribute to any <server> XML element. This of course only stands for redundant handlers, i.e. handlers inheriting from the abstract RedundantHandler class. With this attribute, the server will be debugged. With a debug="off" attribute, the server will not be debugged, even if debugging mode was set at a handler-level. Without any debug attribute, the server will follow he handler-level policy.

Note: if one (or more) servers of a redundant handler is debugged, then the handler will also be debugged (other servers may or may not be debugged). The same way, if one (or more) handlers is debugged, then the authentication process itself is debugged (other handlers may or may not be debugged).