Steps

Accounting Service is installed as part of SSO installation / upgrade. You can find instructions on how to install and upgrade Ubisecure SSO in Installation - SSO and Upgrade - SSO, respectively. Read and proceed with those instructions first.

Verify components installed

A successful installation consists of these components:

• Configuration of the Accounting Service integration in the SSO directory entry: CN=Ubisecure Accounting under CN=Services, OU=System
• Accounting site and application in SSO directory
  
• Accounting Service, which is a standalone Spring Boot application running as a service in your operating system (ubisecure-accounting), see Verify the running service below

Finalise access rights

After the installation you will have a Accounting application in SSO that you can verify and manage with Management user interface - SSO. This application controls access to the Accounting Service endpoints like reporting, see Using Accounting Service.

Verify the running service

In order to verify that Accounting Service has been successfully installed or upgraded and started follow the guidelines in the subsequent sections. See Troubleshooting Accounting Service if any of the steps fail.

Accounting Service log

Verify from the application log (by default accounting/logs/ids-accounting.log under ubilogin-sso installation directory) that the service has started without errors.

2019-08-23 02:33:23.464  INFO 23901 --- [main] o.a.activemq.broker.TransportConnector   : Connector vm://localhost started
2019-08-23 02:33:25.683  INFO 23901 --- [main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8442 (https) with context path ''
2019-08-23 02:33:25.685  INFO 23901 --- [main] c.u.i.a.AccountingServiceApplication     : Started AccountingServiceApplication in 28.442 seconds (JVM running for 29.785)

The following warning is harmless:

2019-08-23 02:33:23.461  WARN 23901 --- [main] o.apache.activemq.broker.BrokerRegistry  : Broker localhost not started so using localhost-36161 instead

Accounting Service health check

Preconditions:

1. Accounting Service needs to be running
2. Need to know the HTTP Basic authentication credentials, see Accounting service management / Actuator endpoint authentication

Steps with browser:

1. Open browser and navigate to the following path: http(s)://<host>:<port>/actuator/health

2. Enter the credentials

   Figure 2. Entering Accounting Service health check credentials

3. Verify from the response that the overall status and status of each component is 'UP'

   Figure 3. Accounting Service health check response in JSON format

   In normal conditions, the results will read "UP" and the endpoint will return a HTTP 200 error response.

   In error conditions, the results will read "DOWN" or "OUT_OF_SERVICE" and the endpoint will return a HTTP 503 error response.

If you don't perceive the expected outcome see Troubleshooting Accounting Service.

Accounting Service version info

Preconditions:

1. Accounting Service needs to be running
2. Need to know the HTTP Basic authentication credentials, see Accounting service management / Actuator endpoint authentication

Steps:

1. Open browser and navigate to the following path: http(s)://<host>:<port>/actuator/info

2. Enter the credentials as above

3. Verify from the response that the version number is correct, The first two numbers here (e.g. 1.1) should match with the installed version.

   Figure 4. Accounting Service info response in JSON format

Verify the functionality

See also Using Accounting Service.

Accounting Service OAuth2 authentication check

Preconditions:

1. Accounting Service needs to be running
2. SSO need to be running
3. Need to know the Accounting OAuth2 application allowed user credentials in SSO

Steps:

1. Open browser and navigate to the following URL: https://accounting.example.com/accounting/report (the actual URL depends on your network configuration, see Network requirements)

2. Enter the credentials in SSO

3. A CSV download file with total of 0 users is downloaded (when this check is done before the first scheduled monthly calculation)

   Monthly active unique user counts empty CSV example

   Month,Authentication Method,User Count
   2019-03,TOTAL,0

4. Verify the audit log events about the access has been written, see Accounting Service logging / Audit log

If you don't perceive the expected outcome see Troubleshooting Accounting Service.

Verify SSO event recording in the Accounting Service

Preconditions:

1. Accounting Service needs to be running
2. SSO need to be running
3. Need to know the Accounting OAuth2 application credentials in SSO

Steps:

1. Authenticate into some other SSO managed application than Accounting and preferably with some other user or other authentication method than password
2. Open browser and navigate to the following kind of URL: https://accounting.example.com/accounting/verify/events/<yyyy-MM-dd> where <yyyy-MM-dd> is replaced with the current date, see Using Accounting Service

3. Enter the credentials in SSO

4. A CSV download file with an event for each authentication on that day is downloaded, the last row shows the last event

   Daily successful authentication events CSV example

   Timestamp,Authentication Method,Pseudonymised User ID
   2019-03-15T09:09:00Z,PASSWORD,3b4e5ba2d62e69b6de6730d407f94c999b01c17e10b0d110ed98dfffcbd92191
   

If you don't perceive the expected outcome see Troubleshooting Accounting Service.