Page Comparison

...

Enable Protocol Trace on UAS. Set enabled to true to view through a web browser only. Set file-output to true to additionally record all individual messages to the file system (tomcat\temp).

Code Block

language	bash
theme	RDark

C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\webapps\uas\WEB-INF\web.xml
<servlet>
<servlet-name>com.ubisecure.saml2.trace.TraceServlet</servlet-name>
<servlet-class>com.ubisecure.saml2.trace.TraceServlet</servlet-class>
    <init-param>
        <param-name>enabled</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>file-output</param-name>
        <param-value>true</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

Activate the change by running update:

Code Block

language	bash	theme	RDark

C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\config\tomcat> update.cmd

Do an authentication request:
1. Check that SAML requests are viewable with web browser at the address
  https://{sso-server address}/uas/trace
  
  Figure 1. Example of a trace
2. Check that requests are recorded to the filesystem:
  C:\Program Files\Ubisecure\ubilogin-sso\tomcat\temp\Trace\uas

...

Disable Protocol Trace on UAS. Set enabled to false to view through a web browser only. Set file-output to false to additionally prevent recording of all individual messages to the file system (tomcat\temp).
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\webapps\uas\WEB-INF\web.xml

Code Block

language	bash	theme	RDark

<servlet>
<servlet-name>com.ubisecure.saml2.trace.TraceServlet</servlet-name>
<servlet-class>com.ubisecure.saml2.trace.TraceServlet</servlet-class>
    <init-param>
        <param-name>enabled</param-name>
        <param-value>false</param-value>
    </init-param>
    <init-param>
        <param-name>file-output</param-name>
        <param-value>false</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

Activate the change by running update:
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\config\tomcat> update.cmd
Do an authentication request:
1. Check that SAML requests are not viewable with web browser at the address
  https://{sso-server address}/uas/trace
Check that requests are not recorded to the filesystem:
C:\Program Files\Ubisecure\ubilogin-sso\tomcat\temp\Trace\uas

...

Add the following to the web.xml configuration of the application protected by the SP. Set enabled to true to view through a web browser only. Set file-output to true to additionally record all individual messages to the file system (temporary directory of application server).

Code Block

language	bash	theme	RDark

<!-- Protocol Tracing -->
    
    <filter>			
        <filter-name>com.ubisecure.saml2.trace.TraceServlet</filter-name>
        <filter-class>com.ubisecure.saml2.trace.TraceServlet</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>com.ubisecure.saml2.trace.TraceServlet</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping> 
    <servlet>
        <servlet-name>com.ubisecure.saml2.trace.TraceServlet</servlet-name>
        <servlet-class>com.ubisecure.saml2.trace.TraceServlet</servlet-class>
        <init-param>
            <param-name>enabled</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>file-output</param-name>
            <param-value>true</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>com.ubisecure.saml2.trace.TraceServlet</servlet-name>
        <url-pattern>/trace/*</url-pattern>
    </servlet-mapping>

Do an authentication request:
1. Check that SAML request are viewable with web browser on address /{application context root}/trace (e.g ., http://localhost:8080/palvelu/trace).
2. Check that requests are recorded to the application server's temp directory.

...

Versions Compared

Old Version 1

New Version 2

Key