Good afternoon all! Even though I'm here for help, I also hope to
entertain through detailing my various pratfalls and mistakes while
attempting, as a new Nov...NetIQ Access Manager Appliance user to create
a custom authentication mechanism using the SDK provided by NetIQ for
this purpose. To get a few things out of the way first:

Version: NetIQ Access Manager Appliance v3.2 SP1 (The latest at the time
I downloaded it)
Method: I booted from the ISO on a brand new VMWare Workstation v9 VM.
It installed like a champ
Reason: To develop a custom authentication mechanism for a customer
using the provided SDK.

The story thus far:
After a delightfully hands-off install, I logged in to the
Administration portal and hooked my Active Directory instance up in the
Identity Manager. It worked like a champ! I then verified that I could
log in to the Access Manager's "/portal" sample using a user from my
Active Directory. Perfect! I also decided to make the self-same portal
the guinea pig for my custom authentication mechanism seeing as: A) why
go out for milk when you have a cow at home and B) I have no idea how to
protect some arbitrary thing.

I coded up a quick custom authentication class using the template
"password" class. It was easy and fun and the directions were
more-or-less lucid although the login.jsp I nabbed from the server and
altered used scriptlets.. SCRIPTLETS in it. This on Tomcat 7 which
supports JSP 2.2! But I digress. Here is where things went off the
rails. I uploaded the .jar file containing my custom class to the
server, set up an entry for the class and a contract to use it. (I even
set up a nice custom 'card'!) I then stumbled my way into finding out
how to alter the authentication mechanism used by the sample portal app.
and changed it to the contract I had created just a few minutes earlier.


Then, the moment of truth came. With shaking hands, I entered in the
portal URL.
'Things went off the rails' (http://imgur.com/UEyQ2M7)
Well then. That was not too auspicious was it. In the spirit of all
great problem solvers, I put the error into Google and didn't find
anything. Then I put the error's prefix into Google and.. Viola!
'Another intrepid custom-auth-scheme-making soul in the same boat'
(http://tinyurl.com/bdzl2jn). Unfortunately, things went even more off
the rails:

- The helpful instructions from the follow-up applied to an earlier
version of Access Manager
- There was no hint of where the 'Application' logs were or how to
set their level to Debug


Through further searches, I discovered that there used to be a utility
called "nash" that no longer exists that you could use to set the log
level. But what was its replacement? Luckily, NetIQs 'online
documentation' (http://tinyurl.com/bz49dbh) saved the day with a 'pearl
of wisdom' (http://i.imgur.com/APbntI4.png): Use the admin console and
go to "Access Gateways -> Edit -> Logging". "Brilliant!" I thought to
myself. "I'll do just that!". Unfortunately, it was not to be. 'The word
\"logging\" simply does not exist on the screen in question'
(http://i.imgur.com/6DUYZbR.png).

What about "Alerts" What about "Auditing"? Well, I turned on as much as
I possibly could. I even made a profile for auditing that caught
EVERYTHING.

In short, nothing seems to work here:

- I'm getting no indication why my auth class is not loading save an
ambiguous error message
- The log configuration is not where the documentation says it is
- I've found (through "find") a myriad of logfiles all over the
system but none seem to be what I want
- Altering the logging of the different protected resources seems to
generate no more logging than doing nothing at all.


Could anyone give me some guidance with the following:

- Where does this product keep its logs?
- How do I configure the log levels?
- Specifically, what logs would have what I need in them (the reason
the Java classloader fails to load my custom authentication class)


Thank you so much for any help. I am sure I'll have more amusing
anecdotes in the future!


--
skorzy
------------------------------------------------------------------------
skorzy's Profile: https://forums.netiq.com/member.php?userid=3782
View this thread: https://forums.netiq.com/showthread.php?t=46629