Accounting Service management - SSO

Owned by John Jellema
Last updated: 2023-10-26 by Nikolai Denissov

By default Accounting Service is configured to expose the following Spring Boot Actuator HTTP(S) endpoints:

  • /actuator - management index page
  • /actuator/info - application info, including version number
  • /actuator/health - health check
  • /actuator/loggers - view and set log levels, setting requires POST

These endpoints can be used in troubleshooting.

In the Windows installation also the actuator shutdown endpoint is exposed in order to stop the Accounting Service running as a Windows service.

  • /actuator/shutdown - requires POST

Actuator endpoint authentication

Actuator endpoints (except health) require HTTP Basic authentication. There are two options for the credentials:

  1. Credentials are explicitly set in the win32.config/unix.config file: accounting.actuator.username / accounting.actuator.password

  2. Password is left empty and thus generated during the SSO installation process by the setup script and you can check the values either from

    1. win32.config/unix.config file: accounting.actuator.username / accounting.actuator.password or

    2. config/accounting-install.properties file: spring.security.user.name / spring.security.user.password

See also Accounting Service security and SSO Installation Accounting Service settings.

Health endpoint detailed information

The health endpoint can be accessed with HTTP Basic authentication. The detailed information is by default shown only to the authenticated users. This is controlled by a regular Spring Boot setting:

management:
  endpoint:
    health:
      show-details: when-authorized

You may override the setting in the configuration file, see Accounting Service additional configuration.

The details show the component level status and reveal some implementation details:

{
    "status": "UP",
    "components": {
        "db": {
            "status": "UP",
            "details": {
                "database": "PostgreSQL",
                "validationQuery": "isValid()"
            }
        },
        "diskSpace": {
            "status": "UP",
            "details": {
                "total": 1013310287872,
                "free": 786584629248,
                "threshold": 10485760,
                "exists": true
            }
        },
        "eventReceiver": {
            "status": "UP"
        },
        "jms": {
            "status": "UP",
            "details": {
                "provider": "ActiveMQ"
            }
        },
        "livenessState": {
            "status": "UP"
        },
        "ping": {
            "status": "UP"
        },
        "readinessState": {
            "status": "UP"
        }
    },
    "groups": [
        "liveness",
        "readiness"
    ]
}


In case of failure an error message is shown, see Troubleshooting Accounting Service / Sample health check in an error case.

Changing log level while system is running

You can change the logging level for the Accounting Service or any of its components without restarting the application.  This is standard Spring framework behaviour.

Example of setting com.ubisecure log level to debug by POST
POST /actuator/loggers/com.ubisecure HTTP/1.1
Host: localhost:8084
Content-Type: application/json
Authorization: Basic dXNlcjplNGJjODJkNS05MWY1LTRmN2QtYjI3NS1jMDc4NTllZTYzNDE=
{
    "configuredLevel": "DEBUG"
}

Ubisecure Privacy Policy & Cookie Statement