Cisco Subscriber Edge Services Manager Application Management Guide SESM Release 3.2 September 2003
Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100
Text Part Number: OL-3983-02 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCIP, CCSP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, iQ Net Readiness Scorecard, Networking Academy, and ScriptShare are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, The Fastest Way to Increase Your Internet Quotient, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, SMARTnet, StrataView Plus, Stratm, SwitchProbe, TeleRouter, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0304R)
Cisco Subscriber Edge Services Manager Application Management Guide Copyright ©2003, Cisco Systems, Inc. All rights reserved.
CONTENTS
About This Guide vii Document Objectives vii Audience vii Document Organization viii Document Conventions viii Related Documentation ix Obtaining Documentation ix Cisco.com x Documentation CD-ROM x Ordering Documentation x Documentation Feedback x Obtaining Technical Assistance xi Cisco TAC Website xi Opening a TAC Case xi TAC Case Priority Definitions xii Cisco Developer Support Program xii Program Benefits xii Contacting Cisco Developer Support xii Obtaining Additional Publications and Information xiii
CHAPTER 1 Introduction 1-1 Application Manager 1-1 SESM Installation Images 1-2 Subscriber and Service Profiles 1-2 SESM Reference Network Diagram 1-3 SESM Application Management 1-4 SESM Documentation Map 1-5
CHAPTER 2 Installing the Application Manager 2-1 Important Information about Installing Application Manager 2-1 Recommended Browsers 2-1 Reference to Detailed Installation Instructions 2-2 Installation Results 2-2
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 iii Contents
CHAPTER 3 Configuring the Application Manager 3-1 Underlying Technology 3-1 Required Configuration Procedures 3-3 Granting Access to the RMI Registry 3-3 Setting the Classpath and Running the RMI Registry 3-4 Adding New Applications to Manage 3-4 Configuring Logon Values for the Application Manager 3-6
CHAPTER 4 Running the Application Manager 4-1 Startup Procedures for Application Manager 4-1 Troubleshooting Application Manager Startup 4-2 Stopping the Application Manager 4-4 Adding and Removing Services on Windows 4-4 Service Dependencies 4-4
CHAPTER 5 Using the Application Manager Operational Scenarios 5-1 Purpose of Operational Scenarios 5-1 Accessing the Operational Scenarios 5-2 Researching Applications Not Appearing on an Operational Scenario 5-3 General Instructions for Using the Operational Scenarios 5-4 Changing Attribute Values 5-4 Changing Column Widths 5-4 Changing List Ordering 5-4 Button Operations 5-5 Operational Scenario Descriptions 5-5 CDAT Session Operational Scenario 5-6 Deployment Operational Scenario 5-6 Firewalls Operational Scenario 5-7 Logging Operational Scenario 5-8 RADIUS Dictionary Operational Scenario 5-9 RDP Operational Scenario 5-10 SPE Operational Scenario 5-11 SSG Operational Scenario 5-11 SSG Mappings Scenario 5-11 Bulk Upload Scenario 5-14
CHAPTER 6 Using the Application Manager Advanced Windows 6-1 Introduction 6-1
Cisco Subscriber Edge Services Manager Application Management Guide iv OL-3983-02 Contents
Accessing the Advanced Windows 6-2 Buttons on the MBean Windows 6-5
CHAPTER 7 Logging and Debugging in SESM Applications 7-1 Log File Descriptions 7-1 MBeans for Log File Configuration 7-1 Jetty Server Logging and Debugging 7-2 Log MBean 7-2 Debug MBean 7-3 Server MBean 7-4 SESM Application Logging and Debugging 7-5 Logger MBean 7-5 SSG Connectivity 7-8 SSG MBean 7-8
APPENDIX A Manually Editing MBean Configuration Files A-1 Restarting Applications after Editing A-1 MBean Configuration Files A-1 MBean Configuration File Format A-1 SystemProperty and Property Tags in Configuration Files A-4
APPENDIX B Using the SESM Agent View Tool B-1 SESM Agent View Overview B-1 Accessing an Application’s Agent View B-2 Configuring the ManagementConsole MBean B-3 Starting and Removing the Management Console B-3 URLs for Accessing Agent Views B-4 Using the CDAT Main Window to Access Agent Views B-4 Using the Agent View B-5 Using the MBean View B-6 Monitoring an Application B-10
APPENDIX C Application Manager MBeans C-13 Configuring Application MBeans C-13 Generic MBeans C-14 JMImplementation C-14 com.cisco.sesm.ignore C-14 com.cisco.sesm.jmx C-14
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 v Contents
Adaptor C-14 Application Management MBeans C-15 com.cisco.sesm C-15 org.mortbay.jetty C-15 RADIUS Data Proxy MBeans C-16 com.cisco.sesm C-16 Captive Portal MBeans C-18 com.cisco.sesm C-18 org.mortbay.jetty C-19 Web Application (NWSP) MBeans C-20 com.cisco.sesm C-20 org.mortbay.jetty C-21 Message Portal MBeans C-22 com.cisco.sesm C-22 org.mortbay.jetty C-23 Web Services Gateway MBeans C-24 com.cisco.sesm C-24 org.mortbay.jetty C-25 CDAT MBeans C-26 com.cisco.sesm C-26 org.mortbay.jetty C-26 DNS Proxy MBeans C-27
Cisco Subscriber Edge Services Manager Application Management Guide vi OL-3983-02
About This Guide
This preface introduces the Cisco Subscriber Edge Services Manager Application Management Guide. The preface contains the following sections: • Document Objectives • Audience • Document Organization • Document Conventions • Related Documentation • Obtaining Documentation • Obtaining Technical Assistance • Obtaining Additional Publications and Information
Document Objectives
This guide describes the Cisco Subscriber Edge Services Manager (Cisco SESM) Application Manager .
Audience
This guide is intended for administrators and others responsible for installing, configuring, and running SESM applications and deploying SESM solutions.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 vii About This Guide Document Organization
Document Organization
This guide includes the chapters shown in the following table:
Chapter Title Description Chapter 1 Introduction Introduces the Application Manager. Chapter 2 Installing the Application Describes how to install the Application Manager. Manager Chapter 3 Configuring the Application Describes how to configure the Application Manager Manager and the SESM applications so that they can be managed. Chapter 4 Running the Application Describes how to start and run the Application Manager Manager. Chapter 5 Using the Application Manager Describes how to use the Application Manager Operational Scenarios operational scenarios. Chapter 6 Using the Application Manager Describes how to use the Application Manager Advanced Windows advanced windows. Chapter 7 Logging and Debugging in Describes how to configure the logging and SESM Applications debugging mechanisms for SESM applications and the Jetty server. Appendix A Manually Editing MBean Describes the SESM MBean configuration file Configuration Files format and how to manually edit the files. Appendix B Using the SESM Agent View Describes how to remotely manage SESM Tool applications using the SESM Agent View tool. Appendix C Application Manager MBeans Describes the MBeans that are configurable using the Application Manager. Index
Document Conventions
The following conventions are used in this guide: • Italic font is used for parameters for which you supply a value, emphasis, and to introduce new terms. • Bold font is used for user entry and command names. • Computer font is used for examples.
Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in this guide.
Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.
Cisco Subscriber Edge Services Manager Application Management Guide viii OL-3983-02 About This Guide Related Documentation
Related Documentation
Documentation for the Cisco SESM includes: • Release Notes for the Cisco Subscriber Edge Services Manager, Release 3.2 • Cisco Subscriber Edge Services Manager Solutions Guide • Cisco Subscriber Edge Services Manager Quick Start Guide • Cisco Subscriber Edge Services Manager Installation Guide • Cisco Subscriber Edge Services Manager Deployment Guide • Cisco Subscriber Edge Services Manager Web Portal Guide • Cisco Subscriber Edge Services Manager Captive Portal Guide • Cisco Subscriber Edge Services Manager RADIUS Data Proxy Guide • Cisco Subscriber Edge Services Manager Troubleshooting Guide • Cisco Subscriber Edge Services Manager Application Management Guide • Cisco Distributed Administration Tool Guide • Cisco Subscriber Edge Services Manager Web Developer Guide • Cisco Subscriber Edge Services Manager Plug and Play Guide • Cisco Subscriber Edge Services Web Services Gateways Guide The Cisco SESM documentation is online at: http://www.cisco.com/univercd/cc/td/doc/solution/sesm/index.htm
Documentation for the Cisco SSG is online at: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122b/122 b_4/122b4_sg/
Information related to configuring the SSG authentication, authorization, and accounting features is included in the following locations: • Cisco IOS Security Configuration Guide • Cisco IOS Security Command Reference If you are including the Cisco Access Registrar (a RADIUS server) in your SESM deployment, see the following documents: • Cisco Access Registrar 1.6 Release Notes • Cisco Access Registrar User Guide
Obtaining Documentation
Cisco provides several ways to obtain documentation, technical assistance, and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 ix About This Guide Obtaining Documentation
Cisco.com
You can access the most current Cisco documentation on the World Wide Web at this URL: http://www.cisco.com/univercd/home/home.htm You can access the Cisco website at this URL: http://www.cisco.com International Cisco websites can be accessed from this URL: http://www.cisco.com/public/countries_languages.shtml
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may have shipped with your product. The Documentation CD-ROM is updated regularly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual or quarterly subscription. Registered Cisco.com users can order a single Documentation CD-ROM (product number DOC-CONDOCCD=) through the Cisco Ordering tool: http://www.cisco.com/en/US/partner/ordering/ordering_place_order_ordering_tool_launch.html All users can order annual or quarterly subscriptions through the online Subscription Store: http://www.cisco.com/go/subscription
Ordering Documentation
You can find instructions for ordering documentation at this URL: http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm You can order Cisco documentation in these ways: • Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace: http://www.cisco.com/en/US/partner/ordering/index.shtml • Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, USA.) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).
Documentation Feedback
You can submit comments electronically on Cisco.com. On the Cisco Documentation home page, click Feedback at the top of the page. You can send your comments in e-mail to [email protected].
Cisco Subscriber Edge Services Manager Application Management Guide x OL-3983-02 About This Guide Obtaining Technical Assistance
You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address: Cisco Systems Attn: Customer Document Ordering 170 West Tasman Drive San Jose, CA 95134-9883 We appreciate your comments.
Obtaining Technical Assistance
For all customers, partners, resellers, and distributors who hold valid Cisco service contracts, the Cisco Technical Assistance Center (TAC) provides 24-hour, award-winning technical support services, online and over the phone. Cisco.com features the Cisco TAC website as an online starting point for technical assistance.
Cisco TAC Website
The Cisco TAC website (http://www.cisco.com/tac) provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The Cisco TAC website is available 24 hours a day, 365 days a year. Accessing all the tools on the Cisco TAC website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a login ID or password, register at this URL: http://tools.cisco.com/RPF/register/register.do
Opening a TAC Case
The online TAC Case Open Tool (http://www.cisco.com/tac/caseopen) is the fastest way to open P3 and P4 cases. (Your network is minimally impaired or you require product information). After you describe your situation, the TAC Case Open Tool automatically recommends resources for an immediate solution. If your issue is not resolved using these recommendations, your case will be assigned to a Cisco TAC engineer. For P1 or P2 cases (your production network is down or severely degraded) or if you do not have Internet access, contact Cisco TAC by telephone. Cisco TAC engineers are assigned immediately to P1 and P2 cases to help keep your business operations running smoothly. To open a case by telephone, use one of the following numbers: Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227) EMEA: +32 2 704 55 55 USA: 1 800 553-2447 For a complete listing of Cisco TAC contacts, go to this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 xi About This Guide Obtaining Technical Assistance
TAC Case Priority Definitions
To ensure that all cases are reported in a standard format, Cisco has established case priority definitions. Priority 1 (P1)—Your network is “down” or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation. Priority 2 (P2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation. Priority 3 (P3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels. Priority 4 (P4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.
Cisco Developer Support Program
The Developer Support Program was developed to provide formalized support for Cisco interfaces to accelerate the delivery of compatible solutions to Cisco customers. The program web site at http://www.cisco.com/go/developersupport provides a central resource point for all your development needs.
Program Benefits
• Product and document downloads • Bug reports • Sample scripts • Frequently Asked Questions • Access to Developer Support Engineers Many of the product and document downloads are accessible with a Cisco.com guest level login. However, as a member of the program, you will get access to all the program benefits listed above to promote your development efforts. The subscription also provides the ability to open support cases using the same infrastructure and processes used by Cisco Technical Assistance Center (TAC). Our Subscription membership is fee-based. The Developer Support Agreement, with the subscription fees and list of supported interfaces, is available on the Developer Support Web site.
Note The Cisco TAC does NOT provide support for this API/interface under standard hardware or software support agreements. All technical support for this API/interface, from initial development assistance through API troubleshooting/bugs in final production applications, is provided by Cisco Developer Support and requires a separate Developer Support contract. When opening cases, a Developer Support contract number must be provided in order to receive support.
Contacting Cisco Developer Support
You can contact Cisco Developer Support using the following:
Cisco Subscriber Edge Services Manager Application Management Guide xii OL-3983-02 About This Guide Obtaining Additional Publications and Information
• Email: [email protected] • Web: http://www.cisco.com/go/developersupport
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online and printed sources. • The Cisco Product Catalog describes the networking products offered by Cisco Systems, as well as ordering and customer support services. Access the Cisco Product Catalog at this URL: http://www.cisco.com/en/US/products/products_catalog_links_launch.html • Cisco Press publishes a wide range of networking publications. Cisco suggests these titles for new and experienced users: Internetworking Terms and Acronyms Dictionary, Internetworking Technology Handbook, Internetworking Troubleshooting Guide, and the Internetworking Design Guide. For current Cisco Press titles and other information, go to Cisco Press online at this URL: http://www.ciscopress.com • Packet magazine is the Cisco quarterly publication that provides the latest networking trends, technology breakthroughs, and Cisco products and solutions to help industry professionals get the most from their networking investment. Included are networking deployment and troubleshooting tips, configuration examples, customer case studies, tutorials and training, certification information, and links to numerous in-depth online resources. You can access Packet magazine at this URL: http://www.cisco.com/go/packet • iQ Magazine is the Cisco bimonthly publication that delivers the latest information about Internet business strategies for executives. You can access iQ Magazine at this URL: http://www.cisco.com/go/iqmagazine • Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL: http://www.cisco.com/en/US/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html • Training—Cisco offers world-class networking training. Current offerings in network training are listed at this URL: http://www.cisco.com/en/US/learning/index.html
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 xiii About This Guide Obtaining Additional Publications and Information
Cisco Subscriber Edge Services Manager Application Management Guide xiv OL-3983-02 CHAPTER 1
Introduction
This chapter introduces the Application Manager and its role in Cisco Subscriber Edge Services Manager (SESM) solutions. Topics are: • Application Manager, page 1-1 • SESM Installation Images, page 1-2 • Subscriber and Service Profiles, page 1-2 • SESM Reference Network Diagram, page 1-3 • SESM Application Management, page 1-4 • SESM Documentation Map, page 1-5
Application Manager
The Application Manager is a web application that remotely manages SESM applications. It can manage multiple instances of SESM web portal and captive portal applications, RDP, CDAT, and other Application Manager instances. These applications can be installed on the same or different systems from the Application Manager, and a firewall may exist between them. The Application Manager can perform the following management tasks: • Change configuration values for running applications • Persist the changes across application restarts • View status and metrics for running applications • Perform operations on running applications, such as freeing memory in SESM web portals Two types of management windows are available: • Operational Scenarios—These windows offer convenient access to the subset of attributes that are most likely to require changes during production deployments. The scenarios present matrixes of attribute settings by application, enabling administrators to easily compare and change the settings for the same attribute for multiple applications of the same type. • Advanced Windows—These windows provide access to all attributes in all MBeans used by an application. They include the read-only attributes that provide status and metrics for running applications.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 1-1 Chapter 1 Introduction SESM Installation Images
SESM Installation Images
The installation images for SESM are available from the product CD-ROM or from the Cisco web site. SESM images are available for the Sun Solaris, Linux, and Windows platforms. Table 1-1 shows the names of the compressed and executable files (Note that “x.x.x” is used to denote version number).
Table 1-1 Installation Image Filenames
Executable Installation Platform Compressed Filename Filename Solaris sesm-x.x.x-pkg-sol.tar sesm_sol.bin Linux sesm-x.x.x-pkg-linux.tar sesm_linux.bin Windows sesm-x.x.x-pkg-win32.zip sesm_win.exe
The procedures for obtaining the installation images are detailed in the Cisco Subscriber Edge Services Manager Installation Guide.
Subscriber and Service Profiles
SESM solutions require detailed data about subscribers and the services they are authorized to use. We refer to this data as profiles: • Subscriber profiles—Define authentication information, subscribed services, and information about connection and service options and preferences for each subscriber. • Service profiles—Define connection information for the services that subscribers can subscribe and connect to. The SESM solution integrates with any one or a combination of the following options to obtain subscriber and service data: • An AAA database managed and accessed by a RADIUS server. • An SPE database (an LDAP directory or RDBMS) accessed through the Cisco SPE application programming interface (API). In SESM deployments, the Cisco Distributed Administration Tool (CDAT) manages the subscriber and service profiles in the database. • A flat file in Merit format, accessed by an appropriately configured RDP application or SESM portals running in Demo mode.
Cisco Subscriber Edge Services Manager Application Management Guide 1-2 OL-3983-02 Chapter 1 Introduction SESM Reference Network Diagram
SESM Reference Network Diagram
The following figure shows SESM applications in a hypothetical deployment. Actual deployments might not use all of the components shown. Item number 9 is the subject of this guide.
Figure 1-1 SESM Network Diagram
RADIUS SPE 7 Database RDP Server 8 9 CDAT and Application Manager 6 Captive Portal Default network 10 4 SESM WSG 5 SESM Billing Server 1 Web Portals 11 Subscriber access media
www.yahoo.com Internet ADSL www.games.com PC www.yourbank.com
Lease line 12 2 WAP SSG Dial Content Services Gateway(CSG)
PDA 3 GGSN/PDSN Corporate Open VPN garden
Notebook 802.11b 87606
1 Subscriber access media—SESM applications and solutions are independent of the access media. 2 Service Selection Gateway (SSG)— Most SESM solutions work with and require a Cisco gateway such as the SSG. The SSG is a feature in the Cisco IOS software running on a Cisco device. The SSG provides authentication, service connection, connection management, and SESM session capabilities. The SESM portals provide the subscriber’s interface to SSG for those services. Content Services Gateway (CSG)—An optional gateway that provides content billing services to the SESM solution. 3 Open garden—The open garden is an SSG feature that allows subscriber access to preconfigured networks without authentication. Packets destined for open garden networks are not accounted for nor subject to access control by the SSG.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 1-3 Chapter 1 Introduction SESM Application Management
4 Default network—The SESM applications must run on systems on the SSG default network. The default network (and open gardens, if configured) are always accessible to subscribers. 5 SESM web portals—Subscribers access the SESM portal using a web browser. The portal provides the following features: subscriber interface to SSG; one-stop access to services; location-based branding; firewall provisioning; access to the Cisco Subscriber Policy Engine (SPE) self-care features such as registration, service subscription, account maintenance, and subaccount management. The access provider (the SESM deployer) presents these features on personalized browser pages shaped by dimensions such as access device, language preference, and location. The SESM packages include a number of sample web portal applications. In addition, the captive portal applications are also SESM web portals. 6 Captive portals—Captive portal applications are specialized SESM web portals that work with the SSG and other SESM web portals to capture, analyze, and redirect packets for various purposes, including messaging, advertising, or displaying logon pages in response to unauthenticated access attempts and unconnected service requests. 7 Profiles—SESM solutions are based on subscriber and service data stored in RADIUS or SPE databases. 8 SESM RADIUS Data Proxy (RDP)—The RDP application is a RADIUS server compliant with RFC 2865 and is the required RADIUS server for SESM SPE-mode deployments. RDP provides access to profiles on the SPE database. Deployers can configure RDP to proxy requests to other RADIUS servers or flat files. Domain-based proxying forwards requests to multiple RADIUS servers based on the IP domain in subscriber and service names. 9 Cisco Distributed Administration Tool (CDAT)—CDAT is a web-based GUI tool for managing the SPE extensions in an LDAP directory. CDAT provides the means for creating and maintaining user (subscriber) and service profiles, user groups, service groups, roles, and policy rules for the RBAC model. Application Manager—The Application Manager is a web-based GUI for remotely managing SESM applications in a distributed deployment. The managed applications can be SESM web portals, captive portals, RDP, CDAT, WSG, and the Application Manager itself. Administrators use the Application Manager to access the configuration attributes in the Java Management Extensions (JMX) MBeans used by these SESM applications. 10 Web Services Gateways (WSG)—The SESM WSG applications provide a Simple Objects Access Protocol (SOAP)-based interface enabling third-party web portals and subscriber management systems to integrate with the SESM and SSG solution. Any client application can interface with SSG through a WSG using SOAP over HTTP communication. 11 Billing server—A third-party billing server is required if the SSG Prepaid feature is included in the solution. 12 Services—SESM applications work in conjunction with the Cisco gateway components to provide a one-stop interface for activating multiple services. SESM can provide the activation interface for any service type supported by the gateway component. Service information exists in the service profiles.
SESM Application Management
SESM uses the Java Management Extensions (JMX) specification and its related JMX MBean standards for application configuration. For descriptions of these standards, go to: http://java.sun.com/products/JavaManagement
A brief introduction to JMX terminology and its relationship to SESM application management follows: • JMX manageable resources—Java objects instrumented to allow spontaneous management by any JMX compliant agent. Each SESM application contains JMX manageable resources. • JMX agent— A management entity implemented in accordance with the JMX Agent Specification. For SESM, the agent is the Cisco ConfigAgent.
Cisco Subscriber Edge Services Manager Application Management Guide 1-4 OL-3983-02 Chapter 1 Introduction SESM Documentation Map
• Managed beans (MBeans)—Java objects that represent a JMX manageable resource. MBeans for each SESM application are specified in XML files installed in the application’s config directory under the SESM installation directory. • JMX server ( also called the MBean server)—A registry for objects that are exposed to management operations by an agent. Any object that is registered with the JMX server becomes visible to the agent. In SESM applications, MBeans are registered by the ConfigAgent or by other MBeans. Administrators can change SESM application configuration by changing the attribute values in MBeans. In SESM Release 3.2, use any of these ways to change MBean attribute values: • Use the Application Manager, a web-based GUI tool. This is the preferred way to manage running SESM applications. The tool includes: – Operational scenarios that present the most-used attributes for quick access and adjustments. – Advanced screens that present all attributes. – A bulk upload feature for importing large mappings of subscriber subnets to SSGs. • Manually edit the XML files associated with the application. XML files are located in the application’s config directory (for example, nwsp/config/nwsp.xml). If you use this method, you must stop and restart the application before the changes take effect. • Use the SESM Agent View, a web-based view of managed resources and associated MBeans. The Agent View is an adaptation of the Management Console provided by the HTML adaptor server, which is included with the Sun example JMX server. The Cisco adaptations add persistence features to the server.
Note The Application Manager replaces the SESM Agent View. The Agent View is included in this SESM release to provide convenience and continuity during migrations from previous releases.
SESM Documentation Map
Table 1-2 can help you to locate information in the SESM documentation set. Go to the following URL to access the online version of the SESM documentation: http://www.cisco.com/univercd/cc/td/doc/solution/sesm/index.htm
Table 1-2 SESM Documentation Map
To Learn About Read SESM Features Cisco Subscriber Edge Services Manager Solutions Guide Cisco Subscriber Edge Services Manager Web Portal Guide Cisco Subscriber Edge Services Manager RADIUS Data Proxy Guide Cisco Subscriber Edge Services Manager Captive Portal Guide SESM Deployment Cisco Subscriber Edge Services Manager Quick Start Guide Cisco Subscriber Edge Services Manager Installation Guide Cisco Subscriber Edge Services Manager Deployment Guide
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 1-5 Chapter 1 Introduction SESM Documentation Map
To Learn About Read SESM Application Cisco Subscriber Edge Services Manager Application Management Guide Management and Cisco Subscriber Edge Services Manager Web Portal Guide Configuration Cisco Subscriber Edge Services Manager RADIUS Data Proxy Guide Cisco Subscriber Edge Services Manager Captive Portal Guide Profile Management Cisco Subscriber Edge Services Manager Deployment Guide RADIUS Profile Management Cisco Distributed Administration Tool Guide SPE SPE Role Based Access Cisco Distributed Administration Tool Guide Control (RBAC) Troubleshooting Release Notes for the Cisco Subscriber Edge Services Manager, Release 3.2 Cisco Subscriber Edge Services Manager Troubleshooting Guide SESM Portal Cisco Subscriber Edge Services Manager Web Developer Guide Development JavaDoc (included with the software distribution) Web Services Gateway Cisco Subscriber Edge Services Manager Web Services Gateways Guide SESM Platform SDK Cisco Subscriber Edge Services Manager SDK Platform Programmer Guide Plug and Play Cisco Subscriber Edge Services Manager Plug and Play Guide Connectivity
Cisco Subscriber Edge Services Manager Application Management Guide 1-6 OL-3983-02
CHAPTER 2
Installing the Application Manager
This chapter describes how to install the Application Manager. Topics are: • Important Information about Installing Application Manager, page 2-1 • Recommended Browsers, page 2-1 • Reference to Detailed Installation Instructions, page 2-2 • Installation Results, page 2-2
Important Information about Installing Application Manager
The Application Manager is available for installation from any of the SESM installation packages. The following information is important to understand when installing the Application Manager: • The Application Manager is included in a typical installation. It is also included any time you install the CDAT component using a Custom installation. • The Application Manager is not included in a Demo installation • The Application Manager must run in a J2EE container. In SESM Release 3.2, the Application Manager is verified to run in the Jetty container. The installation program configures the Application Manager to run in a Jetty container.
Recommended Browsers
We recommend the following browsers for the Application Manager: • Microsoft Internet Explorer Versions 5.5 or later • Netscape Version 7 or later Operation on earlier versions of the above browsers and on other browsers is not verified.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 2-1 Chapter 2 Installing the Application Manager Reference to Detailed Installation Instructions
Reference to Detailed Installation Instructions
See the Cisco Subscriber Edge Services Manager Installation Guide for: • Installation platform requirements • Prerequisite steps to perform before running the installation program • Detailed installation procedures • Explanations of the configuration attributes presented by the installation program
Installation Results
The following directories and files in the SESM installation directory are related to the Application Manager: appmgmt config AdapterFactoryInit.xml docs webapp
The installation procedure adds startup scripts and container configuration files for the Application Manager and the RMI Registry to the jetty directory under your SESM installation directory: jetty bin runrmiregistry startAPPMGMT config appmgmt.jetty.xml
Each SESM application directory includes an rmi.xml file related to the Application Manager. For example: nwsp config rmi.xml
The exception is the RDP application. Rather than a separate rmi.xml file, the application management information is merged into the rdp.xml file. A start script for the RMI Registry is included in the RDP bin directory, along with the RDP start script. rdp config rdp.xml rdp bin runrmiregistry
Cisco Subscriber Edge Services Manager Application Management Guide 2-2 OL-3983-02
CHAPTER 3
Configuring the Application Manager
This chapter describes how to configure the Application Manager. Topics are: • Underlying Technology, page 3-1 • Required Configuration Procedures, page 3-3 • Adding New Applications to Manage, page 3-4 • Configuring Logon Values for the Application Manager, page 3-6
Underlying Technology
The Application Manager is a J2EE web application. It connects to remote applications and provides a management portal allowing those applications to be managed from a web browser. You can configure the Application Manager to manage multiple SESM applications on multiple host systems in various domains. There can be firewalls between the remote applications and the Application Manager. The term remote in this case means any SESM application running in a Java Virtual Machine other than the one in which the Application Manager is running. The Application Manager can be configured to register itself as a remote application and is then capable of managing itself. The Application Manager uses the Java Remote Method Invocation (Java RMI) to contact and manage remote SESM applications. For information about RMI technology, see the following URL: http://java.sun.com/products/jdk/rmi/ The Application Manager uses the RMI technology as follows: • Each SESM application has an RMI server, started by the SESM application startup scripts. (Each SESM application also has a JMX MBean server, also started by the SESM application startup scripts.) • Each host system on which a SESM application is running must be running an RMI Registry application. The SESM administrator must ensure that an RMI Registry is running whenever a SESM host system restarts. • When a SESM application starts, its RMI server registers itself with the RMI registry on its host system using a unique name. The name is specified in the rmi.xml file, which is in the SESM application directory under the SESM directory (for example, nwsp/config/rmi.xml).
Note The RDP application does not have a separate rmi.xml file; rather, the RMI configuration information is merged into the rdp.xml file.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 3-1 Chapter 3 Configuring the Application Manager Underlying Technology
• The Application Manager is an RMI client. It accesses the RMI Registry on each host for status and access information about the SESM applications running on the host. The AdapterFactoryInit.xml file specifies which applications the Application Manager should manage and the contact information (URL and port) for the RMI Registry on each host system. • Using information it obtains from the RMI Registry, the Application Manager connects to the SESM application. It obtains MBean attribute information from the application’s MBean server. • The Application Manager also has an RMI server and an MBean server, so that it can manage itself or other Application Manager instances. Figure 3-1 shows RMI elements in a SESM deployment distributed over four host systems.
Figure 3-1 Remote Management Using the Application Manager
RMI Registry
Application Manager
MBean RMI RMI Server Client Server
JVM host_1
RMI Registry RMI Registry RMI Registry
NWSP NWSP PDA MBean RMI MBean RMI MBean RMI Server Server Server Server Server Server
JVM JVM JVM host_2 host_4
WAP MBean RMI Server Server
JVM
host_3 87553
Cisco Subscriber Edge Services Manager Application Management Guide 3-2 OL-3983-02 Chapter 3 Configuring the Application Manager Required Configuration Procedures
Required Configuration Procedures
This section describes required configuration procedures. The topics are: • Granting Access to the RMI Registry, page 3-3 • Setting the Classpath and Running the RMI Registry, page 3-4
Granting Access to the RMI Registry
On each system that is hosting SESM applications, you must edit the JRE security file to grant permission to connect to the port that the RMI Registry is configured to use. If you do not have permission to edit the security file, ask your network administrator to perform this procedure. Follow these steps:
Step 1 Locate the JVM that the SESM applications are using at startup: • If an environment variable for $JDK_HOME variable is set on the system, use that path. • Otherwise, examine the generic start script in the jetty directory (for example, jetty/bin/start.sh) for the line that contains: set JDK_HOME=
The setting for $JDK_HOME in the above line depends on choices made during installation. It points to either: – The JRE bundled with SESM, installed under the SESM install directory, in the _jvm directory. – A JDK or JRE installed elsewhere on the system, whose pathname you provided during SESM installation. Step 2 Edit the following file: $JDK_HOME (as established in step 1) lib security java.policy
Step 3 In the grant section, add a new SocketPermission line that allows the RMI registry to connect to applcations. For example, find the first line below and add the second line : permission java.net.SocketPermission "localhost:1024-", "listen";
permission java.net.SocketPermission “localhost:1099”, “connect, resolve”;
Note By convention, the port number for the RMI Registry is 1099. If you want the RMI Registry to execute on some other port, adjust the line above to reflect the correct port number (localhost:portno).
Step 4 Repeat the above procedure on every system that hosts SESM applications that you want to manage.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 3-3 Chapter 3 Configuring the Application Manager Adding New Applications to Manage
Setting the Classpath and Running the RMI Registry
On each system that is hosting SESM applications, you must configure and start the RMI Registry before starting any of the SESM applications. Once started, the RMI Registry usually runs continuously until the system reboots. To configure and start the RMI Registry, follow these steps:
Step 1 Run the RMI startup script. The script is located in: jetty bin runrmiregistry
or rdp bin runrmiregistry
By default, the RMI Registry runs on port 1099. If you want to start it on a different port, you can include the port number on the command line when you execute the runrmiregistry script. The runrmiregistry script will pass along any standard arguments that the rmiregistry program accepts. Step 2 To ensure that the Registry is restarted whenever the system reboots, we recommend that you add the runrmiregistry script to the server’s automatic startup procedures. Step 3 Repeat the above procedure on every system that hosts SESM applications that you want to manage.
The runrmiregistry script does the following: 1. Executes the appropriate command to add the mx4j-tools.jar file in the SESM installation directory to your CLASSPATH variable. On Solaris and Linux: setenv CLASSPATH $CLASSPATH\:installDir/redist/mx4j/lib/mx4j-tools.jar On Windows, use Settings > Control Panel > System > Advanced (or similar menu items and tabs) to access the environment variables window. In the list of system variables, create or add to the CLASSPATH variable. Variable name: CLASSPATH Required path to include: Drive:\installDir\redist\mx4j\lib\mx4j-tools.jar 2. Locates the JRE that the SESM applications are using, as described in the “Granting Access to the RMI Registry” section on page 3-3. 3. Starts the RMI Registry. The executable is: $JDK_HOME bin rmiregistry
Adding New Applications to Manage
This section describes how to add a new SESM application or application instance to the list of remotely managed applications.
Cisco Subscriber Edge Services Manager Application Management Guide 3-4 OL-3983-02 Chapter 3 Configuring the Application Manager Adding New Applications to Manage
Note Skip this section if you installed all of the SESM applications on the same host system with the Application Manager, during the same installation session.The installation program already performed the steps described in this section for those applications.
To configure a new SESM application so that the Application Manager can remotely manage it, follow these steps:
Step 1 Make sure the JNDIName attribute in the application’s rmi.xml file is unique on the host system. a. Open the rmi.xml file in the application directory. For example, if you are adding a new instance of NWSP, open the following: nwsp config rmi.xml
Note The exception is the RDP application. Rather than a separate rmi.xml file, the application management information is merged into the rdp.xml file.
b. Locate the lines that define the JNDIName. For example:
c. If the value of JNDIName is not unique on the system, change the name. The SESM installation program sets the JNDIName to the following value: applicationName_systemName_applicationPortNo
Note The JNDIName for NWSP, WAP, and PDA applications are not unique after installation. The installation program uses the same value for applicationName (webapp) for all of the sample portal applications.
Step 2 Add or change a corresponding entry in the AdapterFactoryInit.xml file in the Application Manager config directory. a. Edit the following file: appmgmt config AdapterFactoryInit.xml
b. Make sure the file contains AdapterMapping entries that correspond to the application you named in Step 1.
In the above lines: – The name attribute specifies the name used in the Application Manager list of applications. It does not have to match any other configured values, but debugging will be easier if the name displayed in the windows matches the configured JNDIName.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 3-5 Chapter 3 Configuring the Application Manager Configuring Logon Values for the Application Manager
– The JNDIName attribute value must match the name you used in the rmi.xml file. – The JNDIName attribute value must be unique for each application on the host system. – The RMIURL attribute value must be: rmi://hostName:portNo
Where: hostName is the fully qualified hostname or host IP address on which the application named in JNDIName runs. portNo is the port number the RMI Registry was started on. The default is port 1099.
Configuring Logon Values for the Application Manager
To access the Application Manager, you must enter a user ID and password. 1. User ID—Enter a user ID that you want to have access to the Application Manager. The default value is MgmtUser. 2. Password—Enter a password that will be required to access the Application Manager. The default is MgmtPassword.
Cisco Subscriber Edge Services Manager Application Management Guide 3-6 OL-3983-02 CHAPTER 4
Running the Application Manager
This chapter describes how to start and run the Subscriber Edge Services Manager (SESM) Application Manager. Topics are: • Startup Procedures for Application Manager, page 4-1 • Troubleshooting Application Manager Startup, page 4-2 • Stopping the Application Manager, page 4-4 • Adding and Removing Services on Windows, page 4-4
Startup Procedures for Application Manager
Use the following procedure to start the Application Manager:
Step 1 On each of the SESM application host systems, make sure that the RMI Registry (rmiregistry) is running. If the rmiregistry process is not running, you can start it with the following script in the SESM installation directory: jetty bin runrmiregistry
See “Setting the Classpath and Running the RMI Registry” section on page 3-4. Once started, the RMI Registry usually runs continuously until the system reboots. Step 2 Start the SESM applications on each host system.
Note Applications register with the RMI registry at application startup. The RMI Registry must be running on the system before you start the SESM applications on that system.
Step 3 Start the Application Manager. The startup script is in the SESM installation directory with other SESM web application startup scripts: jetty bin startAPPMGMT
Step 4 Open a web browser. See the “Recommended Browsers” section on page 2-1.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 4-1 Chapter 4 Running the Application Manager Troubleshooting Application Manager Startup
Step 5 Navigate to the Application Management URL. You can either: a. Click the Application Management link on the CDAT main page, or b. Enter the Application Management URL in the browser. For example: http://localhost:8082 The URL is: http://hostName:portNo
Where: hostName is the IP address or host name of the system where the Application Manager is running portNo is the Application Management port, specified in the startAPPMGMT startup script. The Application Management logon page appears. Step 6 Log in using a valid user name and password. See “Configuring Logon Values for the Application Manager” section on page 3-6. The Application Management main window appears. See Figure 4-1.
Figure 4-1 Application Management Main Window
The tabs at the top of the window control the type of management you can perform. • Configuration Tab (selected by default)—Accesses the SESM operational scenarios. To enter an operational scenario, click one of the menu items on the second line of the window. For more information, see Chapter 5, “Using the Application Manager Operational Scenarios.” • Advanced Tab—Accesses the MBean details for individual applications. For more information, see Chapter 6, “Using the Application Manager Advanced Windows.”
Troubleshooting Application Manager Startup
If the main window does not appear: • Check the Application Manager URL. Make sure the port number in the URL matches the port number used at startup. The startAPPMGMT script sets the port number. ‘ • Check the Application Manager logs in: appmgmt logs
Cisco Subscriber Edge Services Manager Application Management Guide 4-2 OL-3983-02 Chapter 4 Running the Application Manager Troubleshooting Application Manager Startup
If applications that you have configured for management do not appear in the operational scenarios, check the following: • Make sure the RMI Registry is running on the systems that are hosting the SESM applications. See “Setting the Classpath and Running the RMI Registry” section on page 3-4 for a description of the rmiregistry script and what it does. • Make sure the RMI Registry is running before you start the SESM applications that you want to manage. • Mare sure that the RMI Registry port is correctly specified in the RMIURL attribute in the AdapterFactoryInit.xml file. The default port used by the rmiregistry startup script is 1099. For example:
• Make sure the CLASSPATH environment variable contains the correct path name to the installDir/redist/mx4j/lib/mx4j-tools.jar file in the SESM installation directory. You must change the CLASSPATH variable if you reinstall the product into a different directory. If you have to change the CLASSPATH value, stop and restart the rmiregistry process. • Make sure the JNDIName attributes in the application rmi.xml files specify a unique names for each application running on a system.
Note The RDP application does not use a separate rmi.xml file. The JNDIName attribute is in the rdp.xml file.
• Make sure the JNDIName attribute values in the application rmi.xml files match the JNDIName attribute values in the AdapterFactoryInit.xml file. The relevant path names are: nwsp (or other application name) config rmi.xml appmgmt config AdapterFactoryInit.xml
For example, the following line is extracted from nwsp/config/rmi.xml:
The following lines are extracted from appmgmt/config/AdapterFactoryInit.xml:
Note The name attribute specifies the name displayed in the Application Manager window. It does not have to match the JNDIName, but matching names aids debugging.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 4-3 Chapter 4 Running the Application Manager Stopping the Application Manager
Stopping the Application Manager
To stop the Application Manager on Solaris and Linux, execute the following script. The script does not accept arguments. jetty/bin/stopAPPMGMT.sh
To stop the Application Manager on Windows, you can: • Open the Task Manager window, select the appropriate task, and click the End Task button. If you are prompted again, click the End Now button. • If you added the application as an NT service, you can use the Services window to stop the service. Open Control Panel > Services or Control Panel > Administrative Tools > Services and select the service you want to stop. Use the menu commands on the Services window to stop the selected service.
Adding and Removing Services on Windows
On a Windows platform, you can add SESM applications to the list of Windows services. When an application is a service, it appears in the Services window accessed from the control panel. You can start and stop any service from this window. You can optionally configure a service to start automatically when the system reboots. The SESM installation program provides service scripts for the RMI Registry and Application Manager, as well as for the web portals, CDAT, and RDP applications. The command syntax is the same for all of the service scripts: • scriptName -i installs the application as a service so that it can be managed from the Services window • scriptName -h displays the command usage • scriptName -r removes the application from the Services window Table 4-1 lists the names and locations of the scripts that add and remove services for application management.
Table 4-1 Scripts for Adding and Removing Services on Windows
Services Script Location and Name Default Service Name jetty\bin\appmgmtsvc.cmd Application Management
Service Dependencies
If you select the automatic startup option for SESM applications, make sure the dependencies are set correctly. • On each system that is hosting SESM applications, the RMI Registry must start before the SESM applications. • The Application Manager, which may or may not be on the same system as other SESM applications, can start before or after the applications it manages. The Application Manager picks up newly started applications whenever you display a new window or refresh the current window, if the configuration files include the newly started application.
Cisco Subscriber Edge Services Manager Application Management Guide 4-4 OL-3983-02 CHAPTER 5
Using the Application Manager Operational Scenarios
This chapter describes how to use the Subscriber Edge Services Manager (SESM) Application Manager operational scenarios. Topics are: • Purpose of Operational Scenarios, page 5-1 • Accessing the Operational Scenarios, page 5-2 • General Instructions for Using the Operational Scenarios, page 5-4 • Operational Scenario Descriptions, page 5-5
Purpose of Operational Scenarios
The operational scenarios offer access to the subset of attributes that are most likely to require changes during production deployments. The scenarios present matrixes of attribute settings by application, enabling administrators to easily compare and change the settings for the same attribute for multiple applications of the same type. You might want to switch to the advanced windows for the following reasons: • Check the status of managed applications • Connect to applications that were started after the Application Manager was started • Connect to applications that were previously unmanageable, but are now available for management • Change attributes that are not included on the operational scenarios • View monitoring (read-only) attribute values To use the advanced windows, click the Advanced tab. For more information about the Advanced windows, see Chapter 6, “Using the Application Manager Advanced Windows.”
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 5-1 Chapter 5 Using the Application Manager Operational Scenarios Accessing the Operational Scenarios
Accessing the Operational Scenarios
To display the operational scenarios, follow these steps:
Step 1 Click the Configuration tab in the first row in the Application Manager window. (Figure 5-1.)
Figure 5-1 Tabs Row
Step 2 Click the area of interest in the second row on the Application Manager window. (Figure 5-2.)
Figure 5-2 Interest Row
Step 3 If a Table of Contents (TOC) appears on the left of the Application Manager window, click an item from the TOC. (Figure 5-3.)
Figure 5-3 Scenario Table of Contents
The selected operational scenario displays. (Figure 5-4.)
Cisco Subscriber Edge Services Manager Application Management Guide 5-2 OL-3983-02 Chapter 5 Using the Application Manager Operational Scenarios Accessing the Operational Scenarios
Figure 5-4 SESM Application Logging Scenario
Researching Applications Not Appearing on an Operational Scenario
Each operational scenario lists the currently managed applications that use the MBeans represented in the scenario. To appear in the list on an operational scenario window, an application must be: • Started after the RMI registry on the application’s system was started • Currently running • Configured to be managed by the Application Manager • Using the MBean that the operational scenario represents If you do not see all of the applications that you expected to see in an operational scenario, follow these steps:
Step 1 Click the Advanced tab. The Advanced window shows the status of all applications listed in the AdapterFactoryInit.xml file. Step 2 If the application you are looking for is not in the list, check the AdapterFactoryInit.xml file for a configuration error. Step 3 If the application you are looking for is in the list with a status of Not Managed, it means that the Application Manager is not connected to that application. Click the Connect button to attempt to connect to it. Step 4 If connection fails or if the application is not in the list on the Advanced window, see the “Troubleshooting Application Manager Startup” section on page 4-2.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 5-3 Chapter 5 Using the Application Manager Operational Scenarios General Instructions for Using the Operational Scenarios
General Instructions for Using the Operational Scenarios
This section contains general instructions for using the operational scenario windows.
Changing Attribute Values
To change an attribute value:
Step 1 Click the attribute you want to change. Step 2 Enter or select the new value. • For fields with predefined values, a small drop down box appears in the cell. Select the value you want in the drop-down box. • For fields that do not have predefined values, a small string input box appears in the cell. Enter the new value in the box. • For fields that are arrays or maps, a hot text link appears in the cell. Click the link to go to another page that lists the items in the array or map, and the current settings for each field. You can create or delete items, or change the values of fields for the existing items. • If an attribute field is blank, it means that the application in that row does not have a value set for that attribute. Step 3 Press Return after you edit a value to transmit the change.
Note The font in a changed field turns bold. If the font of an edited field is not bold, the change was not recognized and will not be applied.
Step 4 Click Apply to make the changes take effect, or click Reset to reverse the changes you made since you last clicked Apply.
Changing Column Widths
You can adjust the width of any attribute column by dragging the column divider line in the header.
Changing List Ordering
By default, records on the Operational Scenario windows are ordered in ascending order by application name. You can change the ordering as follows: • To use a different column as the basis for record ordering, click in that column’s header. • To switch between ascending and descending order of values in a specific column, click the arrow in the column’s header. The arrow’s orientation (pointing up or pointing down) indicates the current ordering.
Cisco Subscriber Edge Services Manager Application Management Guide 5-4 OL-3983-02 Chapter 5 Using the Application Manager Operational Scenarios Operational Scenario Descriptions
Button Operations
Table 5-1 describes the buttons on the operational scenario windows.
Table 5-1 Buttons in Operational Scenarios
Button Explanation Apply Performs both of the following operations, unless the Application Manager displays a message stating otherwise: • Sends the attribute changes to the running application. • Persists the attribute changes for future restarts by storing the changed MBean in the application’s configuration file (for example, nwsp.xml). The persistence (store) operation obtains the run-time value of all attributes in an MBean, and writes over the MBean in the XML file. The write has the following effects on the contents of the XML file: • Deletes any
Operational Scenario Descriptions
The following operational scenarios are available in this SESM release. • CDAT Session—Configures session attributes for LDAP directory management sessions in CDAT. This scenario is relevant only to the CDAT application. • Deployment—Configures SESM portal applications. • Firewalls—Configures attributes that control the display of the My Firewall page in NWSP. This scenario is relevant only to SESM portals deployed in SPE mode. • Logging—Configures attributes that control logging and debugging for both the Jetty server and the SESM applications. This scenario is relevant to all SESM applications. • RADIUS Dictionary—Defines new RADIUS attributes to SESM deployments. A new attribute is any attribute not predefined in the SESM core model. This scenario is relevant only to SESM applications that use the RADIUS Dictionary MBean (RDP, Bundled RADIUS server, and the SESM Proxy Server).
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 5-5 Chapter 5 Using the Application Manager Operational Scenarios Operational Scenario Descriptions
• RDP—Configures RDP. This scenario is relevant only to the RDP application. • SPE—Configures the SPE MBeans. This scenario is relevant only to SESM applications that connect to an LDAP directory using the SPE (CDAT, SESM portals running in SPE mode, and RDP). • SSG—Configures the client to SSG mappings that determine which SSG handles a subscriber session if the port bundle host key feature is not being used. This scenario includes a bulk upload feature that copies the mappings from one application into other applications. This scenario is relevant to SESM portal applications when the port bundle host key feature is not used.
CDAT Session Operational Scenario
Table 5-2 describes the attributes in the CDAT operational scenario.
Table 5-2 CDAT Session Operational Scenario
Attribute Explanation queryTimeout The timeout (in milliseconds) for queries to the LDAP directory. Changes to this attribute value take immediate effect. A value of zero is an infinite timeout value. Default: 0 (milliseconds) sessionTimeout The maximum period of inactivity allowed after logging into a CDAT directory management session. When this time period elapses with no activity, CDAT logs the user out. Values are in seconds. A negative value prevents the user from ever being logged out. Changes to this attribute value take effect for subsequent logins. Default setting: 600 (seconds)
Deployment Operational Scenario
The Deployment tab presents a Table of Contents with the following options: • Web Applications—Configures the following options for the SESM portal applications: – Single Sign On – Auto Connect This window also displays the portal application mode (values are RADIUS, SPE, or Demo) as a read-only value. A change in the mode usually requires additional changes to other MBeans as well., and is therefore not permitted on the operation scenario window. You can use the Advanced windows or manually edit the configuration files to change the mode. You can also override the mode setting in the XML file at startup time with the command-line mode argument. • Confirmation Settings—Configures options that control whether to display a confirmation message to the subscriber before performing a requested action: – Account Logoff—Before logging out of a SESM session. – Service logoff—Before disconnecting the subscriber from a service. – Service logon—Before logging onto a service using the subscriber’s stored logon information. – Mutex Disconnect—Before disconnecting a service in a mutually exclusive service group, when the subscriber requests a connection to another service in the group.
Cisco Subscriber Edge Services Manager Application Management Guide 5-6 OL-3983-02 Chapter 5 Using the Application Manager Operational Scenarios Operational Scenario Descriptions
• Timeout Settings—Configures the following cache attributes. – Session Cache Period – Profile Cache Period • Application Memory—Displays memory attributes and provides a way to clear the Java virtual memory for an application. This window shows two read-only attributes and one operational button: – Free Memory—Shows available virtual memory. If subscribers attempting to log onto SESM start receiving “Server Busy” messages, consider using the Free Memory button to create more free memory. – Total Memory—Shows the total Java virtual memory allocated to the application. If an application requires frequent use of the Free Memory button, consider increasing the application’s total memory. To increase total memory, edit the Java command at the end of the generic startup script. The setting for Java virtual memory at installation is 64M, as shown in the following line extracted from the generic start script on Windows: rem Make the initial heap the same size as the maximum heap. rem It aids the internal memory management. "%JAVA%" -Xms64m -Xmx64m ^
– Free Memory button—Use this button to clear the application’s cache and create free memory. Freeing memory does not affect current sessions; SESM obtains session status from SSG whenever it needs it.
Firewalls Operational Scenario
Table 5-3 describes the attributes in the Firewalls operational scenario. See the Cisco Subscriber Edge Services Manager Web Portal Guide for more information about these attributes.
Table 5-3 Firewalls Operational Scenario
Attribute Explanation Protocols Defines firewall protocols. The list includes both the SESM predefined protocols and the customized entries added by the deployer. You can add more customized entries and edit or remove existing customized entries. Applications Defines firewall applications. The list includes both the SESM predefined applications and the customized entries added by the deployer. You can add more customized entries and edit or remove existing customized entries. Display Specifies the firewall applications that you want to display on the NWSP My Applications Firewall page, in the Applications/Protocols column. The column on the left shows all of the configured applications. The column on the right shows the applications to be displayed on the MyFirewall page.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 5-7 Chapter 5 Using the Application Manager Operational Scenarios Operational Scenario Descriptions
Table 5-3 Firewalls Operational Scenario
Attribute Explanation direction Specifies direction (in or out) for the default access control direction in the ACLs created by SESM. See the Cisco Subscriber Edge Services Manager Web Portal Guide for more information about created ACLs. Value values for direction are: • in—Upstream, from the subscriber • out—Downstream, to the subscriber All connections have a return path. A block on in also affects traffic traveling in the opposite direction, and vice-versa. For any ACL, the choice of whether to control the in or out direction is a matter of preference. returnOption Sets the return option for TCP applications. Recommended values are: permit and default. Default refers to the Permit/Deny All Else button on the My Farewell page. Default: permit
Logging Operational Scenario
The Logging tab presents a Table of Contents with the following options: • SESM Applications—Select this option to configure the Logger MBean used by all SESM applications. This MBean configures the application log, which records logging and debugging messages from a SESM application. The default location and name of this log is: application.home/logs/yyyy_mm_dd.application.log • Jetty Web Servers—Select this option to configure the Log MBean used by the Jetty Server. This MBean configures the Jetty log, which records logging and debugging messages from Jetty. The logging messages record the startup of the Jetty server and all ongoing activity, such as errors trapped by the Jetty server and HTTP errors. The default location and name of this log is: application.home/logs/yyyy_mm_dd.jetty.log The application.home value is set in the application startup script. The Logging Operational Scenario offers a quick way to turn various logging levels on and off. See Chapter 7, “Logging and Debugging in SESM Applications,” for more information about configuring and using log files.
Cisco Subscriber Edge Services Manager Application Management Guide 5-8 OL-3983-02 Chapter 5 Using the Application Manager Operational Scenarios Operational Scenario Descriptions
Figure 5-5 Jetty Web Server Logging Configuration
RADIUS Dictionary Operational Scenario
The RADIUS Dictionary operational scenario provides a way to add new RADIUS attributes to a SESM deployment. This scenario is relevant only for applications that use the RADIUS Dictionary MBean (RDP applications and tools).
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 5-9 Chapter 5 Using the Application Manager Operational Scenarios Operational Scenario Descriptions
Table 5-4 describes the attributes in the RADIUS Dictionary window.
Table 5-4 RADIUS Dictionary Operational Scenario
Attribute Explanation RADIUS Attributes An array of new attribute definitions. To define a new attribute, add a new item to this array. The format for an item is: name(radiusAttributeId,vendorId,vendorSubattribute,datatype) Where: • name—The new attribute name. • radiusAttributeId—Use attribute value 26, the vendor-specific attribute. • vendorId—A RADIUS vendor ID. • vendorSubattribute—A unique number that distinguishes this attribute from other VSAs for the same vendor. • datatype—One of the following values: BINARY, STRING, INTEGER, IPADDRESS. When datatype is BINARY, the value assigned to the attribute must be expressed as a hexadecimal string. An example follows: demoVSA(26,1,1,BINARY) Other valid syntax formats are represented below: name([[type=]26],[vendorId=]vendorId,[vendorType=]vendorType,[dataType=] dataType) For example: demoVSA(type=26,vendorId=1,vendorType=1,dataType=INTEGER)
RDP Operational Scenario
Table 5-5 describes the attributes in the RDP operational scenario.
Table 5-5 RDP Operational Scenario
Attribute Explanation AuthAttributes This attribute applies only when authentication is performed by SPE and you require additional keys for subscriber authentication. The USER_NAME is always required and should not appear in the list. RDP is installed with one additional key, PASSWORD. Any other standard RADIUS attribute can be used for multi-key authentication. RADIUS The profile passwords are required by certain DESS profile handlers. These Passwords passwords might be optional in your deployment. See the Cisco Subscriber Edge Services Manager RADIUS Data Proxy Guide for more information.
Cisco Subscriber Edge Services Manager Application Management Guide 5-10 OL-3983-02 Chapter 5 Using the Application Manager Operational Scenarios Operational Scenario Descriptions
Table 5-5 RDP Operational Scenario
Attribute Explanation AutoService The service options apply only when authorization is performed by SPE. These Group options control the type of service information that the DESS authorization handler adds to authentication replies from RDP to SSG. Service For more information about these options and the additional requirements associated with them, see the “Service Options Description” in the Cisco Subscriber Edge Services Manager RADIUS Data Proxy Guide.
SPE Operational Scenario
Table 5-6 describes the attributes in the SPE operational scenario.
Table 5-6 SPE Operational Scenario
Attribute Explanation Session Timeout Specifies the timeout of inactive client sessions in seconds. Default: 600 Expire Interval Specifies the interval in seconds after which the cache attempts to expire objects. Note Do not set this attribute to 0. A value of 0 causes every request to go to the directory, bypassing caching and any memory storage from a recent request for the same object. A value of 0 degrades performance substantially.
Default: 600 Object Timeout Specifies the number of seconds before objects time out. Default: 600
SSG Operational Scenario
The SSG operational scenario presents a Table of Contents with the following choices. • SSG Mappings—Use this scenario to configure SSG MBean attributes for SESM portals. The SSG MBean configures the SSG communication and session handling attributes. • Bulk Upload of SSG Mappings—Use this scenario to upload SSG MBean attributes from an existing file into one or more web portal configuration files.
SSG Mappings Scenario
Figure 5-6 shows the SSG Mappings window.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 5-11 Chapter 5 Using the Application Manager Operational Scenarios Operational Scenario Descriptions
Figure 5-6 SSG Mappings
Use the SSG Mappings scenario to perform the following tasks: • Map specific SSGs to specific subscriber subnets—Applies only when the port bundle host key feature is not used on the SSGs. • Set global attribute values for all subnets—The global values apply to all subnets. • Set subnet values that override the global attribute. After configuring one application, you can use the Bulk Upload scenario to apply the configuration to other applications. If you have multiple instances of the same SESM portal application running on the network, it is important to configure all the SSGs the same way. Table 5-7 describes the attributes in the SSG Mapping operational scenario.
Cisco Subscriber Edge Services Manager Application Management Guide 5-12 OL-3983-02 Chapter 5 Using the Application Manager Operational Scenarios Operational Scenario Descriptions
Table 5-7 SSG Mappings Operational Scenario
Attribute Subattribute Explanation Subnet To configure subnet attributes, click Configure in the Subnet Attributes column. The Attributes window shows the subnet attribute entries that are currently defined in the SSG MBean for the application. Use the buttons as follows: • Create—Adds a new subnet entry to the XML file. • Edit—Changes the selected subnet entry. • Delete—Deletes the selected subnet entry. Subnet IP The subnet for which you are explicitly setting a value, overriding the globally set value. Net Mask The mask that can be applied to the subscriber’s IP address to derive the subnet. Attribute Name The name of the attribute that you are explicitly setting for the specified subnet. It can be any of the following values. • IP—Use the attribute name “IP” to map a specific SSG to a subnet. In the attribute value field (see below), enter the IP address of an SSG. • Any globally set attribute name—Use the global attribute name that you want to override for the specified subnet. In the attribute value field, enter the override value. Attribute Value The value for attribute name. Global RETRIES To configure global values, click Configure in the Attributes Global Attributes column. The window shows the SEND_FRAMED_IP global attributes that are currently defined in the SSG TIMEOUTSECS MBean for the application. PORT Use the buttons as follows: SECRET • Create—Adds another global attribute to your THROTTLE configuration. MASK • Edit—Changes the value of one of the global attributes. BUNDLE_LENGTH • Delete—Deletes the global attribute from your SESSION_LOCATION configuration. SESSION_BRAND Note The following attributes are required, and must MIN_LOCAL_PORT be set either globally or locally: PORT, SECRET, BUNDLE_LENGTH. MAX_LOCAL_PORT See the “JMX MBeans for SESM Web Portals” chapter in the Cisco Subscriber Edge Services Manager Web Portal Guide for more information about setting these attributes.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 5-13 Chapter 5 Using the Application Manager Operational Scenarios Operational Scenario Descriptions
Bulk Upload Scenario
Figure 5-7 shows the SSG Bulk Upload window.
Figure 5-7 SSG Bulk Upload Window
To perform a bulk upload, first you must prepare the file to upload. The requirements for this file are: • The file must contain a complete SSG MBean. The upload procedure replaces the SSG MBean for the selected application with the SSG MBean in the referenced file. The SSG MBean starts with the following line:
and ends with the following line:
• The file may contain more than the SSG MBean. The extraneous information is ignored. • The file must be stored in a location that is accessible using a URL; that is, it must be stored under a web server directory structure (WEB-INF). For example, if you store the prepared file in the following location: nwsp webapp WEB-INF ssg.xml
the URL to access the file is http://nwspServer:8080/ssg.xml Table 5-8 describes how to use the Bulk Upload operational scenario.
Table 5-8 SSG Bulk Upload Operational Scenario
Attribute Explanation XML File URL Enter the URL of the file containing the SSG MBean you want to copy and apply to another application. Apply to Server Select the SESM portal application that you want to configure. Use the Apply button to import the SSG MBean from the specified XML file into the selected application’s XML file.
Cisco Subscriber Edge Services Manager Application Management Guide 5-14 OL-3983-02
CHAPTER 6
Using the Application Manager Advanced Windows
This chapter describes how to use the Cisco Subscriber Edge Services Manager (SESM) Application Manager Advanced windows. Topics are: • Introduction, page 6-1 • Accessing the Advanced Windows, page 6-2 • Buttons on the MBean Windows, page 6-5
Introduction
The Application Manager advanced windows display the current value of any attribute in any MBean in the managed applications. The advanced windows display each application separately. Use the advanced windows to: • Check the status of managed applications • Connect to applications that were started after the Application Manager was started • Connect to applications that were previously unmanageable, but are now available for management • Change attributes that are not included on the operational scenarios • View monitoring (read-only) attribute values The Application Manager advanced windows present an interface very similar to the AgentView remote management tool in previous SESM releases.
Note In this release, the Advanced windows do not support updating of array types.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 6-1 Chapter 6 Using the Application Manager Advanced Windows Accessing the Advanced Windows
Accessing the Advanced Windows
To access the advanced window for an application:
Step 1 Click the Advanced tab on the top line of the SESM Application Manager window. (See Figure 6-1.)
Figure 6-1 Advanced Tab
The next window shows all of the applications that are listed in the AdapterFactoryInit.xml file in the Application Manager’s config directory. (See Figure 6-2.)
Figure 6-2 Advanced Window
From this window, you can: • Determine whether applications are currently manageable. – If the host name is listed, the application is currently running and manageable. – If the host name is not listed, one of the following conditions exists: The application is not running. The RMI Registry on the application’s host system is not running or was started after the application was started. The application was started after the Application Manager was started. In this case, click the Connect button to attempt to connect to the application. The application is not properly configured for management. See the “Troubleshooting Application Manager Startup” section on page 4-2 for help. • Connect to applications that have recently become manageable. • Manage the application.
Cisco Subscriber Edge Services Manager Application Management Guide 6-2 OL-3983-02 Chapter 6 Using the Application Manager Advanced Windows Accessing the Advanced Windows
Step 2 To connect or manage an application: • Click the radio button next to an application name to select that application • Click the Connect or Manage button. – If you click Connect, and the connection fails, review the reasons listed in Step 1. – If you click Manage, the resulting window shows all of the domains in the application and the MBeans in each domain. See Figure 6-3.
Figure 6-3 Advanced Window List of MBeans
Step 3 Scroll down on the page until you find the MBean whose attributes you want to view. Step 4 Click the MBean that you want to examine. The MBean names (in the left column) are hypertext links to the MBean details. The resulting window shows the attributes and operations in the MBean. See Figures 6-4 and 6-5.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 6-3 Chapter 6 Using the Application Manager Advanced Windows Accessing the Advanced Windows
Figure 6-4 Directory MBean (1 of 2)
Cisco Subscriber Edge Services Manager Application Management Guide 6-4 OL-3983-02 Chapter 6 Using the Application Manager Advanced Windows Buttons on the MBean Windows
Figure 6-5 Directory MBean (2 of 2)
Step 5 To edit an attribute, click on the attribute value and make the change. Step 6 To make the change take effect on the running application, click Update. Step 7 To make the change persist across restarts, click Store. You must click Update the current application before storing the change.
Buttons on the MBean Windows
The buttons on the MBean windows represent methods defined for the class that you are viewing. You can click any button to dynamically call the method and perform the operation on the running application. • Update—Sends the attribute changes to the running application. The change takes effect immediately on the running application unless you receive an error message stating otherwise. • Store—Saves the attribute changes in the appropriate configuration file (for example, nwsp.xml). This action persists the changes for future application restarts. The Store button has the following effects on the MBean in the configuration file:
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 6-5 Chapter 6 Using the Application Manager Advanced Windows Buttons on the MBean Windows
– Deletes any
Note The Undo operation applies to the running application only. To save an Undo action to the configuration files (that is, undo the changes stored in the configuration file), click Store after clicking Undo.
• Additional operations—Some MBeans have additional buttons. In most cases, the buttons represent specialized update methods for an array or mapping element. You can use these buttons to update elements.
Cisco Subscriber Edge Services Manager Application Management Guide 6-6 OL-3983-02
CHAPTER 7
Logging and Debugging in SESM Applications
This chapter describes how to configure the logging and debugging mechanisms for Cisco Subscriber Edge Services Manager (SESM) applications and the Jetty server. Topics are: • Log File Descriptions, page 7-1 • MBeans for Log File Configuration, page 7-1
Log File Descriptions
The SESM log files can help troubleshoot SESM applications and deployments. By changing the configuration of the logging and debugging mechanisms, you can change the amount of detail reported and specify message filtering. Two of the log files have debugging mechanisms in addition to the logging features. • Jetty log—Contains logging and debugging messages from Jetty. The logging messages record the startup of the Jetty server and all ongoing activity, such as errors trapped by the Jetty server and HTTP errors. If the SESM application fails to start, look at this log. Make sure you monitor this log file for illegal HTTP requests that might indicate attempts to subvert the web server. If you enable debugging, the log file also includes more detailed debugging messages. • Jetty HTTP Request log—Contains incoming HTTP requests. You can use this log file to analyze volume and traffic patterns for the web server. • Application log—Contains logging and debugging messages from the SESM application. The logging tool logs SESM web application activity. The debugging mechanism produces messages useful to developers in debugging applications. You can configure all three of these logs for each SESM portal application and for CDAT. RDP uses only the application log.
MBeans for Log File Configuration
Table 7-1 shows the MBeans that configure the log files. The MBeans control the level of verbosity in the logs, message filtering, debugging, file location, and file management.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 7-1 Chapter 7 Logging and Debugging in SESM Applications MBeans for Log File Configuration
Table 7-1 Configuring the Log Files
Attribute that MBean Name and Reference Specifies File Process Log Type to More Information Path Name Default Log Filename Jetty Server Jetty log Log MBean, page 7-2 filename date.jetty.log Debug MBean, page 7-3 Request log Server MBean, page 7-4 RequestLog date.request.log SESM Application log Logger MBean, page 7-5 logFile date.application.log Application (includes debugging attributes)
To change the location of a log file, change the value of the attribute listed in Table 7-1. The installed default value for the file path name attributes is the application.home property. The value for the application.home property is set by the start script at run time. The installed default configuration places all log files for an application into the logs subdirectory under the application home directory. For example: SESMinstallDir nwsp logs
If the logs directory does not exist, it is created at application runtime.
Jetty Server Logging and Debugging
This section describes the MBeans that configure Jetty Server logging and debugging: • Log MBean, page 7-2 • Debug MBean, page 7-3 • Server MBean, page 7-4
Log MBean
The Log MBean enables the Jetty server debugging and logging mechanisms and configures the information that appears in the jetty log file. Table 7-2 describes the attributes in the Log MBean.
Table 7-2 Jetty Container—Log MBean
Attribute Name Explanation logTimezone Installed default: empty logDateFormat Controls the format of the date stamp in the log messages. Installed default: yyyyMMdd:HHmmss.SSS logLabels Controls whether or not the log messages include frame details. Installed default: false logOneLine Installed default: false
Cisco Subscriber Edge Services Manager Application Management Guide 7-2 OL-3983-02 Chapter 7 Logging and Debugging in SESM Applications MBeans for Log File Configuration
Table 7-2 Jetty Container—Log MBean (continued)
Attribute Name Explanation logStackSize Controls whether or not the log messages include an indication of stack depth. Installed default: false logStackTrace Controls whether or not the log messages include trace information. Installed default: false logTags Installed default: true logTimeStamps Installed default: true append Indicates if messages overwrite existing contents (false) or are appended to the existing file (true). Installed default: true retainDays Indicates the number of days to keep an old log file before deleting it. Installed default: 31 filename Specifies the log filename and path, as follows: application.home/logs/yyyy_mm_dd.jetty.log Where: • application.home—A property whose value is set in the SESM start script. • logs—A constant. All log files appear in the logs subdirectory under the application directory. • yyyy_mm_dd—The year, month, and day that the file was created. • .jetty.log—A constant identifying the Jetty log files.
Debug MBean
The Debug MBean enables or disables the Jetty server debugging mechanism. Table 7-3 describes the attributes in the DebugMBean.
Table 7-3 Jetty Container—Debug MBean
Attribute Name Explanation debug Controls whether or not debugging messages are produced. Installed default: false debugPatterns By specifying one or more patterns, you turn on a filtering mechanism that excludes any message that does not match the pattern. The patterns are file, class, or method names. Pattern matching is based on substring matches. For example, if you specify the pattern RADIUS, the software focuses on RADIUS messages. To specify multiple patterns, separate the patterns using a comma. Installed default: empty verbose Specifies the level of detail reported in debugging messages. The range of allowed values is 0 (no details) to 255 (all details). Installed default: 0
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 7-3 Chapter 7 Logging and Debugging in SESM Applications MBeans for Log File Configuration
Table 7-3 Jetty Container—Debug MBean (continued)
Attribute Name Explanation suppressStack Controls whether or not stack information is included in debug messages. Installed default: false suppressWarnings Controls whether or not warning messages are included in debug messages. Installed default: false
Server MBean
The Server MBean configures a request log, which records all incoming HTTP requests. Table 7-4 describes the attributes in the Server MBean.
Table 7-4 Jetty Container—Server MBean
Attribute Name Explanation RequestLog Creates a new class with one argument, which specifies the name and location of the request log. The installed value is: application.home/logs/yyyy_mm_dd.request.log Where: • application.home—A property whose value is set in the SESM start script. • logs—A constant. All log files appear in the logs subdirectory under the application directory. • yyyy_mm_dd—The year, month, and day that the file was created. The installation program uses the appropriate path name delimiter for the installation platform. • .request.log—A constant identifying an HTTP request file. retainDays Indicates the number of days to keep a log file before deleting it. Installed default: 90
Cisco Subscriber Edge Services Manager Application Management Guide 7-4 OL-3983-02 Chapter 7 Logging and Debugging in SESM Applications MBeans for Log File Configuration
Table 7-4 Jetty Container—Server MBean (continued)
Attribute Name Explanation append Indicates whether or not to append messages to an existing file or to create a new file for each application instance. Installed default: true
The SESM start script derives the values for application.home and jetty.home from an expected (installed) directory structure. To change these values, edit the start script.
SESM Application Logging and Debugging
This section describes the Logger MBean, which configures logging and debugging in SESM applications.
Logger MBean
The Logger MBean configures both logging and debugging tools. The logging tool traces business events in the SESM portal. The debugging mechanism produces messages useful to developers in debugging applications. Table 7-5 describes the attributes in the Logger MBean.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 7-5 Chapter 7 Logging and Debugging in SESM Applications MBeans for Log File Configuration
Table 7-5 SESM Portal Application—Logger MBean
Attribute Name Explanation debug Turns debugging on or off. That is, it controls whether Log.debug calls executed by the SESM application are displayed in the log file. Note Logging remains on regardless of this value. That is, all Log.trace and Log.warning calls executed in the SESM application are written to the log file regardless of the value of the debug attribute. To turn off logging, comment out the entire Logger MBean.
Values for this attribute are: • false—The application produces trace messages but not debug messages. The trace messages record business activity performed by the SESM portal. This setting is the normal, recommended setting for production environments. The trace messages provide important information for diagnosing configuration problems. • true—The application produces trace and debug messages. This setting is intended for development environments to debug portal code behavior. The logging of debug messages can affect performance; hence, this setting is not recommended for production environments. The following parameters control the contents of debug messages that the application generates: logFrame, logStack, logThread, debugPatterns, and debugThreads. The following parameters control the types of logging messages produced: trace and warning. Installed default: false debugPatterns By specifying one or more patterns, you turn on a filtering mechanism that excludes any message that does not match the pattern. The patterns are file, class, or method names. Pattern matching is based on substring matches. For example, if you specify the pattern RADIUS, the software focuses on RADIUS messages. To specify multiple patterns, separate the patterns using a comma. Installed default: empty, which means that you receive all messages. debugThreads Specifies a specific thread name for which to show debugging messages. You can specify multiple thread names, separating them using a comma. For example: 6,13,22. By default, no thread name is specified. Because each user interaction with the SESM web application takes place in a thread named for that user, this parameter can be used to focus the logging trace on a specific user activity. Enter a list of thread names separated by commas. Installed default: empty debugVerbosity Specifies the level of detail in debugging messages. When the debug attribute is set to false, this attribute is ignored. Values are MAX, MED, or LOW. Installed default: LOW logDateFormat Specifies format of dates in the log file. Installed default: yyyyMMdd:HHmmss.SSS
Cisco Subscriber Edge Services Manager Application Management Guide 7-6 OL-3983-02 Chapter 7 Logging and Debugging in SESM Applications MBeans for Log File Configuration
Table 7-5 SESM Portal Application—Logger MBean (continued)
Attribute Name Explanation logFile Specifies the filename and location for the logging (tracing) of business events performed by the SESM application. The installed default is: application.home/logs/yyyy_mm_dd.application.log Where: • application.home—A property whose value is set in the SESM start script. • logs—A constant. All log files appear in the logs subdirectory under the application directory. • yyyy_mm_dd —The year, month, and day that the file was created. • application.log—A constant identifying the application log files. logFrame Controls whether or not to log the calling member function. Installed default: false logStack Controls whether or not to log stack traces. Installed default: false logThread Controls whether or not to log thread IDs. Installed default: true logToErr Controls whether or not to route log messages to stderr, in addition to the log file. This parameter is useful for monitoring the SESM web application at the command line. Displaying output to stderr is not recommended for production deployments. Installed default: true trace Controls whether or not to log trace messages. These messages indicate entry and exit to code points. Installed default: true warning Controls whether or not to log warning messages (nonfatal exceptions). Installed default: true
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 7-7 Chapter 7 Logging and Debugging in SESM Applications MBeans for Log File Configuration
SSG Connectivity
This section describes the SSG MBean, which configures the SSG connections.
SSG MBean
The SSG MBean configures the SSG connections.
Table 6 SSG MBean Attributes
Attribute Name Explanation SSGIPPolicy Class The class name of the SSGIPPolicy to use to determine the SSG IP address for a session. If not set, the identity mapping is used. Installed default: com.cisco.sesm.ssg.DefaultSSGIPPolicy attributeDescriptions An array describing the SSG configuration. For example: java.lang.String[0] = 10.52.199.172[255.255.255.252]IP=10.52.199.83 java.lang.String[1] = 0.0.0.0[0.0.0.0]THROTTLE=20 java.lang.String[2] = 0.0.0.0[0.0.0.0]TIMEOUTSECS=10 java.lang.String[3] = 0.0.0.0[0.0.0.0]SECRET=cisco java.lang.String[4] = 0.0.0.0[0.0.0.0]MASK=255.255.255.255 java.lang.String[5] = 0.0.0.0[0.0.0.0]BUNDLE_LENGTH=0 java.lang.String[6] = 0.0.0.0[0.0.0.0]SEND_FRAMED_IP=false java.lang.String[7] = 0.0.0.0[0.0.0.0]PORT=1812 java.lang.String[8] = 0.0.0.0[0.0.0.0]RETRIES=3 attributes The attributes used internally by the persistence mechanism. For example: Type Not Supported: [{10.52.199.172[255.255.255.252]={IP=10.52.199.83}, 0.0.0.0[0.0.0.0]={THROTTLE=20, TIMEOUTSECS=10, SECRET=cisco, MASK=255.255.255.255, BUNDLE_LENGTH=0, SEND_FRAMED_IP=false, PORT=1812, RETRIES=3}}] generateMessageAuth Boolean type True or False. If True, message authenticators are generated for all requests according enticators to RFC2689. maxSSGs The maximum number of SSGs that will be cached. This value is an integer. numCloses The total number of connections that have been closed. This value is an integer. numExceptions The total number IO exceptions handled during all requests. This value is an integer. numOpens The total number of connections that have been opened. This value is an integer. numRejects The total number of Access Rejects received. This value is an integer. numRequests The total number of requests made. This value is an integer. numSSGs The number of SSGs in the cache. This value is an integer. numTimeouts The total number of requests that have timed out. This value is an integer. statistics View the value of statistics. throttle The default maximum number of simultaneous requests allowed to an SSG. This value is an integer.
Cisco Subscriber Edge Services Manager Application Management Guide 7-8 OL-3983-02
APPENDIX A
Manually Editing MBean Configuration Files
This appendix describes the Cisco Subscriber Edge Services Manager (SESM) MBean configuration file format and how to manually edit the files. Topics are: • Restarting Applications after Editing, page A-1 • MBean Configuration Files, page A-1 • MBean Configuration File Format, page A-1 • SystemProperty and Property Tags in Configuration Files, page A-4
Restarting Applications after Editing
If you change configuration values by directly editing the configuration files, you must stop and restart the SESM application and its Jetty server before the changes take effect. If you deployed SESM in SPE mode, you also must stop and restart RDP.
MBean Configuration Files
The MBean configuration files are XML files in a format defined in xmlconfig.dtd, a Cisco DTD. These files set configurable attributes in SESM. The SESM installation program assigns values for all of the key attributes in these files, using a combination of default values and values you provide during the install.
MBean Configuration File Format
This section summarizes the MBean file format Mdefined in xmlconfig.dtd. The purpose of this summary is to provide enough information for you to easily edit the configuration files. Use the following example as a reference while reading the format guidelines that follow. The example configures the Logger, Version, and ManagementConsole MBeans for SESM portals.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 A-1 Appendix A Manually Editing MBean Configuration Files MBean Configuration File Format
The following guidelines explain the basic format of the MBean configuration files. • The MBean configuration file contains a single
Cisco Subscriber Edge Services Manager Application Management Guide A-2 OL-3983-02 Appendix A Manually Editing MBean Configuration Files MBean Configuration File Format
After being initialized, an MBean registers itself with the MBean server. When ConfigAgent detects the newly registered object, it then configures the object. • An
Where: attributeName is the MBean parameter name whose value is being set. Do not change any attributeName. dataType is the required data type of the value you specify. Do not change dataType unless the change is related to application development. The dataType can be: none (which defaults to string), string, int, boolean, URL, an Array element, a Map element, or a New element. value is the attribute value. You can edit the value, making sure that the value you provide conforms to the data type specified. • The
Note The default values assigned in these tags are not used if a value is assigned in the start script. You must remove any use of the setting in the apppropriate startup script for the default values in the configuration files to take effect. See the section “SystemProperty and Property Tags in Configuration Files” section for more information.
Cisco ConfigAgent performs the following management functions for MBeans. • Constructs and initializes an MBean—The
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 A-3 Appendix A Manually Editing MBean Configuration Files SystemProperty and Property Tags in Configuration Files
• Configures an MBean—The
SystemProperty and Property Tags in Configuration Files
The installed MBean configuration files use
Note If you use the Store button in the SESM remote management tool to persist a change to an MBean attribute, any
The value of a property is set as follows: 1. You can specify a value on the command line at run time. The command line value overrides all other values. The -D argument to the java command defines the value of a property. For example: startNWSP.sh -jvm -DpropertyName=value
2. You can specify a value in the start script using the -D option to the java command. For example, the following lines from the installed start script (START.sh or START.cmd) assigns values to some properties. $JAVA $SERVER -Xms64m -Xmx64m \ -classpath $CLASSPATH \ -Dinstall.root=$INSTALLDIR \ -Djetty.home=$JETTYDIR \ -Dapplication.home=$APPDIR \ -Dapplication.portno=$PORTNO \ -Dapplication.ssl.portno=$SSLPORTNO \ -Dmanagement.portno=$MGMTPORTNO \
3. If a value is not specified by either of the above methods at application run time, the application uses a default value specified in the MBean configuration file, in the
Cisco Subscriber Edge Services Manager Application Management Guide A-4 OL-3983-02
APPENDIX B
Using the SESM Agent View Tool
This appendix describes how to remotely manage Cisco Subscriber Edge Services Manager (SESM) applications using the SESM Agent View tool. Topics in this appendix are: • SESM Agent View Overview, page B-1 • Accessing an Application’s Agent View, page B-2 • Using the Agent View, page B-5 • Using the MBean View, page B-6 • Monitoring an Application, page B-10
Note The recommended application management tool for this SESM release is the Application Manager. This release includes the Agent View tool to provide convenience and continuity during migrations from previous releases. The SESM Agent View tool will be discontinued in a future SESM release.
SESM Agent View Overview
The SESM Agent View tool provides a way to monitor and change the attributes in a running SESM application. It also provides a way to optionally store changes in the application configuration files, so that the changes persist across restarts. Figure B-1 summarizes how to access the Agent View and the tasks you can perform.
Note The SESM Agent View is an adaptation of the Management Console provided by the HTML adaptor server, which is included with the Sun example JMX server. The Cisco adaptations add persistence features to the server.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 B-1 Appendix B Using the SESM Agent View Tool Accessing an Application’s Agent View
Figure B-1 Agent View Summary
CDAT Main 1 Window Web Browser
Hypertext links HTTP URL
(HTTP://server:ManagementConsolePort)
2 Application Agent View
3 MBean View
Application configuration changes 4 Undo stored changes Store attribute changes
MBean Running Application Configuration file
(NWSP) (nwsp/config/nwsp.xml) 76301
1 Each SESM application has a management console, known as the Agent View. You can access an application’s Agent View in two ways: • Click a link configured on the CDAT main window—It is convenient to access the Agent Views for all of the SESM applications from one list of links. You must configure the links in the CDAT configuration file. • Enter the URL for the application’s management console in a web browser. 2 An application’s Agent View lists all of the MBeans in the running application. From the Agent View, you can access MBean Views. 3 An MBean View provides access to all of the attributes in the MBean. 4 From the MBean View, you can perform the following actions on attribute values: • View current attribute values for the running application. • Apply changes to most Read/Write attributes. Applied changes take immediate effect on the running application. • Store changes in the application’s configuration file. Stored changes persist for future restarts of the application. Undo (revert) changes sequentially from the most recent store to the first store made in the session. The Undo action only affects the running application, even though it undoes the stored changes. To persist an undo, you must store the change.
Accessing an Application’s Agent View
This section describes how to configure, start, and access an Agent View. Topics are: • Configuring the ManagementConsole MBean, page B-3 • Starting and Removing the Management Console, page B-3 • URLs for Accessing Agent Views, page B-4 • Using the CDAT Main Window to Access Agent Views, page B-4
Cisco Subscriber Edge Services Manager Application Management Guide B-2 OL-3983-02 Appendix B Using the SESM Agent View Tool Accessing an Application’s Agent View
Configuring the ManagementConsole MBean
All of the SESM applications include the ManagementConsole MBean, which configures and starts an Agent View for the application. Table B-1 describes the attributes in the ManagementConsole MBean.
Table B-1 SESM Portal Application—ManagementConsole MBean
Attribute Name Explanation Port Specifies the management console port for this application. In the installed configuration files, the port value is a system property named: management.portno
All of the installed startup scripts set this system property to the following value: application.portno + 100
For example, if the application.portno is 8080, the management.portno is 8180. This runtime setting overrides any value you enter in the configuration file. To change the value of this attribute, edit the start script. AuthInfo AuthInfo provides a level of access control on the Management Console. When a user attempts to access the management console port from a web browser, a logon window appears. The user must enter a user ID and password that matches values specified in AuthInfo. Each application has a ManagementConsole MBean that configures the login values for that application’s management console. You can configure different user IDs and passwords for each application or use the same values for all applications. You can specify multiple sets of AuthInfo information to allow multiple users access to a management console. The AuthInfo array has two elements: 1. User ID—Enter a user ID that you want to have access to the management console. The default value in all of the MBean configuration files is MgmtUser. 2. Password—Enter a password that will be required to access the management console. The default value in all of the MBean configuration files is MgmtPassword. You can add, change, and delete AuthInfo values in the configuration files or on the management console. Note If you use the management console to change or delete the user ID or password that you used to log on to the console, the console redisplays the logon prompts. You must log in again using the new authentication values.
Starting and Removing the Management Console
All of the SESM applications are configured to start a management console on application startup. If you do not want to start a management console for an application, comment out the following lines in the application’s MBean configuration file:
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 B-3 Appendix B Using the SESM Agent View Tool Accessing an Application’s Agent View
URLs for Accessing Agent Views
You can access an Agent View by typing its URL in the address field of a web browser. The URL for accessing the Agent View must include the name of the host on which the application is running and the configured management console port number (for example, the value for management.portno). An example URL for the NWSP Agent View is: http://server1:8180
Using the CDAT Main Window to Access Agent Views
The CDAT main window can provide a convenient way to access Agent Views. You can add links to the Agent Views for all of the SESM applications that you want to manage. To add links or change the URLs behind the links, edit the links attribute in the MainServlet MBean in the CDAT application’s configuration file. See the Cisco Distributed Administration Tool Guide for information about the links attribute.
Note This installation program in this SESM release does not add Agent View links to the CDAT Main window. The Agent View links are replaced with a link to the SESM Application Management application.
Figure B-2 shows an example CDAT main window with links to various Agent View URLs.
Figure B-2 CDAT Main Window
Cisco Subscriber Edge Services Manager Application Management Guide B-4 OL-3983-02 Appendix B Using the SESM Agent View Tool Using the Agent View
To use the CDAT main window to access an Agent View, follow these procedures:
Step 1 Start CDAT. The CDAT startup script is located in: jetty bin startCDAT
Step 2 Open a web browser. Step 3 Direct the browser to the CDAT main window. (See Figure B-2.) The URL for accessing CDAT must include the server name where the CDAT is running and the configured CDAT port. The default port used by the installation program is 8081. An example URL for the CDAT main window is: http://server1:8081
Step 4 Click the hot text for the link that you want to access.
Using the Agent View
The Agent View displays the MBeans in a running application. Figure B-3 shows the Agent View for a NWSP application running in SPE mode.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 B-5 Appendix B Using the SESM Agent View Tool Using the MBean View
Figure B-3 Agent View
Table B-2 explains the actions you can perform from the AgentView.
Table B-2 Actions from the Agent View
Name Description Admin button Click the Admin button at the top of the window to add a new MBean to the application. Note You should not need to add new MBeans to installed applications. MBean links Click an MBean in the list to navigate to the MBean View.
Using the MBean View
The MBean View displays the attributes in an MBean. Figures B-4 and B-5 show the MBean View for the WebApp MBean in NWSP. Table B-3, which follows the figures, explains the numbered callouts in these figures.
Cisco Subscriber Edge Services Manager Application Management Guide B-6 OL-3983-02 Appendix B Using the SESM Agent View Tool Using the MBean View
Figure B-4 MBean View—Top Portion
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 B-7 Appendix B Using the SESM Agent View Tool Using the MBean View
Figure B-5 MBean View—Bottom Portion
Table B-3 Actions from the MBean View
Figure Key Name Description 1 Reload interval A reload obtains new information from the application and reloads the page. Reload button • The reload interval specifies the number of seconds between automatic reloads. You can change the reload interval here. The change takes effect immediately. • If the reload interval is 0 (the default), use the Reload button to manually reload the view. 2 Unregister button Makes the MBean inaccessible to the running application. Do not use this button.
Cisco Subscriber Edge Services Manager Application Management Guide B-8 OL-3983-02 Appendix B Using the SESM Agent View Tool Using the MBean View
Table B-3 Actions from the MBean View (continued)
Figure Key Name Description 3 MBean attributes Lists all of the attributes in the MBean. From this section, you can: • Display a short description of the attribute—Click the attribute name. For more detail about any attribute, see the appropriate chapter in this manual. • Change the value of read-write attributes • Monitor metrics (read-only attributes) To change an attribute value, do one of the following, depending on the attribute type: • Integers and strings—Type the attribute value in the Value column. • Booleans—Choose the desired radio button. • Arrays: – If the Value column contains the phrase “Type Not Supported”—Choose one of the buttons from the MBean Operations section. – If the Value column contains a hypertext link over the phrase “view the values of attribute”—Click the link, which opens another page that lists the array elements and current values. Use the appropriate operation in the MBean Operations section to add or change element values. 4 Apply button Sends the attribute changes to the running application. The change takes effect immediately on the running application unless you receive an error message stating otherwise. 5 MBean operations Lists operations that you can perform against the MBean. The list is different for each MBean. However, all MBeans include the Store and Undo operations, described below. 6 Undo button Reverts the running application to the state before the last store. All store operations are captured and can be undone, in sequential order starting with the last change first. You can reverse a previously stored undo. Table B-4 shows how the Undo operation works. Note The Undo operation applies to the running application only. To save an Undo action to the configuration files (that is, undo the changes stored in the configuration file), click the Store button again. 7 Store button Saves the attribute changes in the appropriate configuration file (for example, nwsp.xml). This action persists the changes for future application restarts. The Store button has the following effects on the MBean in the configuration file: • Deletes any
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 B-9 Appendix B Using the SESM Agent View Tool Monitoring an Application
Table B-4 Sequential Store and Undo Operations
Attribute Value in the Attribute Value in the Action Running Application Configuration File Startup 5 5 Change the value to 10 in the MBean View 5 5 Apply the change 10 5 Store the change 10 10 Undo 5 10 Store 5 5
Monitoring an Application
The SESM application MBeans include read-only attributes that provide activity, performance and memory metrics. You can monitor these metrics from the same MBean View that you use to change the values of read-write attributes. Some useful monitoring features on the MBean View are: • Reload period—Set an automatic refresh rate by changing the reload period. The browser automatically refreshes the attributes values at the rate specified by the reload period. The default reload period is 0, which turns off the automatic refresh feature. • Reload button—If you do not set an automatic reload period, you can refresh the read-only values at any time by clicking the Reload button. Figure B-6 shows metrics in the SESM MBean in the NWSP application.
Cisco Subscriber Edge Services Manager Application Management Guide B-10 OL-3983-02 Appendix B Using the SESM Agent View Tool Monitoring an Application
Figure B-6 Metrics in the SESM MBean in the NWSP Application
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 B-11 Appendix B Using the SESM Agent View Tool Monitoring an Application
Cisco Subscriber Edge Services Manager Application Management Guide B-12 OL-3983-02
APPENDIX C
Application Manager MBeans
This appendix describes the MBeans that are configurable using the Application Manager. Topics in this appendix are: • Configuring Application MBeans, page C-13 • Generic MBeans, page C-14 • Application Management MBeans, page C-15 • RADIUS Data Proxy MBeans, page C-16 • Captive Portal MBeans, page C-18 • Web Application (NWSP) MBeans, page C-20 • Message Portal MBeans, page C-22 • Web Services Gateway MBeans, page C-24 • CDAT MBeans, page C-26 • DNS Proxy MBeans, page C-27
Configuring Application MBeans
Each SESM application exposes a series of MBeans that can be viewed and modified using the Application Manager. You can configure the MBeans to modify the functionality of the application, such as logging options, connectivity parameters, and displaying statistics. To configure an application using MBeans in the Application Manager, use the following procedure:
Step 1 In the CDAT Application Manager window, select Advanced. A new window displays all the currently running applications. Step 2 Select the application you want to configure and click manage. A new window displays all the MBeans associated with the selected application. The MBeans are grouped into domains, for example, JMImplementation, com.cisco.sesm and org.mortbay.jetty. Step 3 Select an MBean to modify. A new window displays all the attributes that can be modified for the selected MBean. Step 4 Modify the MBean attributes. Modify each MBean attribute with the appropriate type, as provided in the description. This appendix lists the domains and MBeans for all the SESM applications.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 C-13 Appendix C Application Manager MBeans Generic MBeans
Generic MBeans
JMImplementation
Attribute Description type=MBeanServerDelegate Provides information on the management interface of the MBean. com.cisco.sesm.ignore
Attribute Description name=ManagementAdaptor HtmlAdaptorServer class: Provides a management interface of an agent to Web browser clients. com.cisco.sesm.jmx
Attribute Description name=version Gets the package versions of the various system jars.
Adaptor
Attribute Description protocol=JRMP Provides information on the management interface of the MBean. For example, JRMP = Adaptor MBean used to allow the server to talk RMI over JRMP. interceptor=invoker,protocol=J Provides information on the management interface of the RMP MBean. For example, created by the JRMP Adaptor MBean.
Cisco Subscriber Edge Services Manager Application Management Guide C-14 OL-3983-02 Appendix C Application Manager MBeans Application Management MBeans
Application Management MBeans com.cisco.sesm
MBean Description agent=configuration Configuration agent MBean. This object observes JMX registration events looking for objects known to it. If a known object registers, then the configuration agent attempts to use it's MBean interface to push a configuration at the new MBean. name=Login Login MBean. Allows you to configure login parameters. name=Logger Logger MBean. Allows you to configure the log, trace, and debug mechanisms. name=ManagementConsole ManagementConsole MBean. Allows you to configure the AgentView MBean. org.mortbay.jetty
MBean Description Debug=0 Debugging and Defensive programming support. NCSARequestLog=0,Server=0,name=Jetty HTTP Request logger providing the normal or extended NCSA format. OutputStreamLogSink=0,name=Log A LogSink that writes messages to a OutputStream or File. Server=0,name=Jetty Jetty HTTP Server and Servlet container. name=Log The org.mortbay.util.Log logging service. This object allows LogSink instances to be added. MBeans for the LogSinks are created by this object. Server=0,WebApplicationContext=0,context=/, A J2EE Web application extension of name=Jetty ServletHttpContext. Changes made to this MBean are not persisted. SESMSocketListener=0,Server=0,name=Jetty com.cisco.sesm.jetty.SESMSocketListener. SESMSSLListener=0,Server=0,name=Jetty com.cisco.sesm.jetty.SESMSSLListenercom
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 C-15 Appendix C Application Manager MBeans RADIUS Data Proxy MBeans
RADIUS Data Proxy MBeans com.cisco.sesm
MBean Description RADIUSDictionary=0 RADIUSDictionary MBean. Allows RADIUS Dictionary style access to the RADIUSAttributes. agent=Configuration Configuration agent MBean. This object observes JMX registration events looking for objects known to it. If a known object registers, then the configuration agent attempts to use it's MBean interface to push a configuration at the new MBean. name=Directory Directory MBean. Allows you to configure the directory server. name=Directory,type=Connection Primary connection MBean. Allows you to configure the primary ,instance=Primary connection to the directory server. name=Directory,type=Connection Secondary connection MBean. Allows you to configure the ,instance=Secondary secondary connection to the directory server. name=Logger Logger MBean. Allows you to configure the log, trace, and debug mechanisms. name=ManagementConsole ManagementConsole MBean. Allows you to configure the AgentView MBean. name=RDP Extensible Request Proxy MBean. Provides extensible mapping of request listeners to request handlers. name=RDP,AAA=AddAVsFilter ERP filter MBean. Provides an ERPFilter to add RADIUS AVs to a response. name=RDP,AUTHENTICATION DESSAuthenticationHandler MBean. An AAA Handler using the =DESSAuthenticationHandler DESS library for LDAP authentication. name=RDP,AUTHORIZATION= DESSAuthorizationFilter MBean. Filter to add authorization DESSAuthorizationFilter information using the DESS library. name=RDP,DOMAINPROXY=D Generic ERP Handler MBean. Provides configuration of handler omainHandler for domain based proxying. name=RDP,GROUP-PROFILE= DESSGroupProfileHandler MBean. Handler for Group profile DESSGroupProfileHandler requests backed by DESS. name=RDP,LOCAL=AaaHandler AAA Handler Mbean. Provides local flat file handler configuration. name=RDP,NEXTHOP-PROFIL Handler for NextHop profile requests backed by DESS. E=DESSNextHopProfileHandler name=RDP,SERVICE-PROFILE Handler for Service profile requests backed by DESS. =DESSServiceProfileHandler name=RDP,PROXY=ProxyHandl RADIUS Proxy MBean. Provides configuration of RADIUS er Proxy handler. name=RDP,PROXY=ProxyHandl RADIUSClientSocket MBean. Provides the RADIUS Client er,component=RADIUSClientSoc Socket. ket
Cisco Subscriber Edge Services Manager Application Management Guide C-16 OL-3983-02 Appendix C Application Manager MBeans RADIUS Data Proxy MBeans
MBean Description name=RDP,RADIUSListener=AC ERP listener MBean. Provides an ERPListener for RADIUS COUNTING requests. name=RDP,RADIUSListener=AC RADIUSServerSocket MBean. Provides RADIUS Server Socket COUNTING, configuration for accounting. component=RADIUSServerSock et, name=RDP,RADIUSListener=AC ThreadPool MBean. Provides the ThreadPool settings for the COUNTING, accounting listener. component=ThreadPool name=RDP,RADIUSListener=A ERP listener MBean. Provides an ERPListener for Auth UTH (authentication and authorization) requests. name=RDP,RADIUSListener=A RADIUSServerSocket MBean. Provides the RADIUS server UTH,component=RADIUSServer socket for the auth listener. Socket name=RDP,RADIUSListener=A ThreadPool MBean. Provides ThreadPool settings for the auth UTH,component=ThreadPool listener. name=RDP,RDP=RDPHandler RDPHandler MBean. Provides the initial ERP handler for the RDP. Select between AAA and Profile requests. name=RDP,PROFILE=DESSProf DESSProfileHandler MBean. Handler for Profile request backed ileHandler by DESS. Uses the ObjectClass to select a the actual Profile Handler.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 C-17 Appendix C Application Manager MBeans Captive Portal MBeans
Captive Portal MBeans com.cisco.sesm
MBean Description name=Directory,type=Connection, Primary connection MBean. Allows you to configure the instance=Primary primary connection to the LDAP directory server. agent=Configuration Configuration agent MBean. This object observes JMX registration events looking for objects known to it. If a known object registers, then the configuration agent attempts to use it's MBean interface to push a configuration at the new MBean. name=ExtensionSpecification Extension Specification MBean. Allows you to configure an extension specification holding an extension and, optionally, a provider. Examples of extensions are Authentication, Authorization, ServiceConnection and ServiceProfile. Examples of providers are com.cisco.sesm.spis.demo, com.cisco.sesm.spis.radius and com.cisco.sesm.spis.dess. name=WebApp Web applications MBean. In the case of Captive Portal, this MBean is used to configure dimension data so as to map locations to location URLs. name=Directory,type=Connection,in Secondary connection MBean. Allows you to configure the stance=Secondary secondary connection to the LDAP directory server. name=Directory Directory MBean. Allows you to configure the LDAP directory server. name=Extension Extension MBean. Allows you to configure extension specifications and the default provider. name=SSG SSG MBean. Allows you to perform configuration of the SSG connections. name=Logger Logger MBean. Allows you to configure the log, trace, and debug mechanisms. name=Version Version MBean. Allows you to get the package version of the jar file for the SESM model. name=captiveportal Web application to redirect requests due to TCP-redirection from the edge device. name=SESM SESM MBean. Allows you to configure settings and to view statistics for the SESM model. name=ManagementConsole ManagementConsole MBean. Allows you to configure the AgentView MBean. name=JNDI JNDI naming server MBean. Allows you to perform JNDI naming server configuration for storing and retrieving extensions. name=Location Location MBean. Allows you to define a set of Locations. A Location is defined by a set of identifiers: Client IP address, VPI and sub-interface. For example, the application can use the location of a session to change its look and feel.
Cisco Subscriber Edge Services Manager Application Management Guide C-18 OL-3983-02 Appendix C Application Manager MBeans Captive Portal MBeans org.mortbay.jetty
MBean Description SESMSocketListener=5,Server=0,na com.cisco.sesm.jetty.SESMSocketListener me=Jetty Debug=0 Debugging and Defensive programming support. SESMSocketListener=6,Server=0,na com.cisco.sesm.jetty.SESMSocketListener me=Jetty SESMSocketListener=2,Server=0,na com.cisco.sesm.jetty.SESMSocketListener me=Jetty NCSARequestLog=0,Server=0,name HTTP Request logger providing the normal or extended NCSA =Jetty format. OutputStreamLogSink=0,name=Log A LogSink that writes messages to a OutputStream or File. SESMSocketListener=3,Server=0,na com.cisco.sesm.jetty.SESMSocketListener me=Jetty SESMSocketListener=7,Server=0,na com.cisco.sesm.jetty.SESMSocketListener me=Jetty SESMSSLListener=0,Server=0,nam com.cisco.sesm.jetty.SESMSSLListener e=Jetty Server=0,WebApplicationContext=0 A J2EE Web application extension of ServletHttpContext. ,context=/,name=Jetty Changes made to this MBean are not persisted. SESMSocketListener=1,Server=0,na com.cisco.sesm.jetty.SESMSocketListener me=Jetty Server=0,name=Jetty Jetty HTTP Server and Servlet container. name=Log The org.mortbay.util.Log logging service. This object allows LogSink instances to be added. MBeans for the LogSinks are created by this object. SESMSocketListener=4,Server=0,na com.cisco.sesm.jetty.SESMSocketListener me=Jetty SESMSocketListener=0,Server=0,na com.cisco.sesm.jetty.SESMSocketListener me=Jetty
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 C-19 Appendix C Application Manager MBeans Web Application (NWSP) MBeans
Web Application (NWSP) MBeans com.cisco.sesm
MBean Description name=Directory,type=Connection,instan Primary connection MBean. Allows you to configure the ce=Primary primary connection to the LDAP directory server. agent=Configuration Configuration agent MBean. This object observes JMX registration events looking for objects known to it. If a known object registers, then the configuration agent attempts to use it's MBean interface to push a configuration at the new MBean. name=ExtensionSpecification Extension Specification MBean. Allows you to configure an extension specification holding an extension and, optionally, a provider. Examples of extensions are Authentication, Authorization, ServiceConnection and ServiceProfile. Examples of providers are com.cisco.sesm.spis.demo, com.cisco.sesm.spis.radius and com.cisco.sesm.spis.dess. name=WebApp Web applications MBean. Allows you to configure different aspects of the behavior of the web applications. name=Directory Directory MBean. Allows you to configure the LDAP directory server. name=Directory,type=Connection,instan Secondary connection MBean. Allows you to configure the ce=Secondary secondary connection to the LDAP directory server. name=DESSMode DESS mode MBean. Allows you to configure the naming used for the LDAP directory as well as the Token Check Interval. In addition, this MBean allows you to display the current, total and maximum number of sessions. name=Extension Extension MBean. Allows you to configure extension specifications and the default provider. name=SSG SSG MBean. Allows you to perform configuration of the SSG connections. name=Logger Logger MBean. Allows you to configure the log, trace, and debug mechanisms. name=Version Version MBean. Allows you to get the package version of the jar file for the SESM model. name=SESM SESM MBean. Allows you to configure settings and view statistics for the SESM model. name=ManagementConsole ManagementConsole MBean. Allows you to configure the AgentView MBean.
Cisco Subscriber Edge Services Manager Application Management Guide C-20 OL-3983-02 Appendix C Application Manager MBeans Web Application (NWSP) MBeans
MBean Description name=JNDI JNDI naming server MBean. Allows you to perform JNDI naming server configuration for storing and retrieving extensions. name=Location Location MBean. Allows you to define a set of Locations. A Location is defined by a set of identifiers: Client IP address, VPI and sub-interface. For example, the application can use the location of a session to change its look and feel. org.mortbay.jetty
MBean Description Debug=0 Debugging and Defensive programming support. NCSARequestLog=0,Server=0,name=Jetty HTTP Request logger providing the normal or extended NCSA format. OutputStreamLogSink=0,name=Log A LogSink that writes messages to a OutputStream or File. SESMSSLListener=0,Server=0,name=Jetty com.cisco.sesm.jetty.SESMSSLListener Server=0,WebApplicationContext=0, A J2EE Web application extension of context=/,name=Jetty ServletHttpContext. Changes made to this MBean are not persisted. Server=0,name=Jetty Jetty HTTP Server and Servlet container. name=Log The org.mortbay.util.Log logging service. This object allows LogSink instances to be added. MBeans for the LogSinks are created by this object. SESMSocketListener=0,Server=0,name=Jetty com.cisco.sesm.jetty.SESMSocketListener
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 C-21 Appendix C Application Manager MBeans Message Portal MBeans
Message Portal MBeans com.cisco.sesm
MBean Description name=Directory,type=Connection,inst Primary connection MBean. Allows you to configure the ance=Primary primary connection to the LDAP directory server. agent=Configuration Configuration agent MBean. This object observes JMX registration events looking for objects known to it. If a known object registers, then the configuration agent attempts to use it's MBean interface to push a configuration at the new MBean. name=Directory,type=Connection,inst Secondary connection MBean. Allows you to configure the ance=Secondary secondary connection to the LDAP directory server. name=Directory Directory MBean. Allows you to configure the LDAP directory server. name=messageportal Message portal MBean. Allows you to configure settings for the Message Portal. name=Extension Extension MBean. Allows you to configure extension specifications and the default provider. name=Logger Logger MBean. Allows you to configure the log, trace, and debug mechanisms. name=Version Version MBean. Allows you to get the package version of the jar file for the SESM model. name=SESM SESM MBean. Allows you to configure settings and to view statistics for the SESM model. name=ManagementConsole ManagementConsole MBean. Allows you to configure the AgentView MBean. name=JNDI JNDI naming server MBean. Allows you to perform JNDI naming server configuration for storing and retrieving extensions. name=Location Location MBean. Allows you to define a set of Locations. A Location is defined by a set of identifiers: Client IP address, VPI and sub-interface. For example, the application can use the location of a session to change its look and feel.
Cisco Subscriber Edge Services Manager Application Management Guide C-22 OL-3983-02 Appendix C Application Manager MBeans Message Portal MBeans org.mortbay.jetty
MBean Description Debug=0 Debugging and Defensive programming support. NCSARequestLog=0,Server=0,name=Jetty HTTP Request logger providing the normal or extended NCSA format. OutputStreamLogSink=0,name=Log A LogSink that writes messages to a OutputStream or File. Server=0,WebApplicationContext=0, A J2EE Web application extension of context=/,name=Jetty ServletHttpContext. Changes made to this MBean are not persisted. Server=0,name=Jetty Jetty HTTP Server and Servlet container. name=Log The org.mortbay.util.Log logging service. This object allows LogSink instances to be added. MBeans for the LogSinks are created by this object. SESMSocketListener=0,Server=0,name=Jetty com.cisco.sesm.jetty.SESMSocketListener
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 C-23 Appendix C Application Manager MBeans Web Services Gateway MBeans
Web Services Gateway MBeans com.cisco.sesm
MBean Description name=Directory,type=Connection,inst Primary connection MBean. Allows you to configure the ance=Primary primary connection to the LDAP directory server. agent=Configuration Configuration agent MBean. This object observes JMX registration events looking for objects known to it. If a known object registers, then the configuration agent attempts to use it's MBean interface to push a configuration at the new MBean. name=ExtensionSpecification Extension Specification MBean. Allows you to configure an extension specification holding an extension and, optionally, a provider. Examples of extensions are Authentication, Authorization, ServiceConnection and ServiceProfile. Examples of providers are com.cisco.sesm.spis.demo, com.cisco.sesm.spis.radius and com.cisco.sesm.spis.dess. name=WebApp Web applications MBean. In the case of Captive Portal, this MBean is used to configure dimension data so as to map locations to location URLs. name=Directory,type=Connection,inst Secondary connection MBean. Allows you to configure the ance=Secondary secondary connection to the LDAP directory server. name=Directory Directory MBean. Allows you to configure the LDAP directory server. name=Extension Extension MBean. Allows you to configure extension specifications and the default provider. name=SSG SSG MBean. Allows you to perform configuration of the SSG connections. name=Logger Logger MBean. Allows you to configure the log, trace, and debug mechanisms. name=Version Version MBean. Allows you to get the package version of the jar file for the SESM model. name=SESM SESM MBean. Allows you to set configuration and statistics parameters. name=ManagementConsole ManagementConsole MBean. Allows you to configure the AgentView MBean. name=JNDI NDI naming server MBean. Allows you to perform NDI naming server configuration for storing and retrieving extensions. name=Location Location MBean. Allows you to define a set of Locations. A Location is defined by a set of identifiers: Client IP address, VPI and sub-interface. For example, the application can use the location of a session to change its look and feel.
Cisco Subscriber Edge Services Manager Application Management Guide C-24 OL-3983-02 Appendix C Application Manager MBeans Web Services Gateway MBeans org.mortbay.jetty
MBean Description Debug=0 Debugging and Defensive programming support. NCSARequestLog=0,Server=0,name=Jetty HTTP Request logger providing the normal or extended NCSA format. OutputStreamLogSink=0,name=Log A LogSink that writes messages to a OutputStream or File. Server=0,WebApplicationContext=0,context=/,name=Jetty A J2EE Web application extension of ServletHttpContext. Changes made to this MBean are not persisted. Server=0,name=Jetty Jetty HTTP Server and Servlet container. name=Log The org.mortbay.util.Log logging service. This object allows LogSink instances to be added. MBeans for the LogSinks are created by this object. SESMSocketListener=0,Server=0,name=Jetty com.cisco.sesm.jetty.SESMSocketListen er
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 C-25 Appendix C Application Manager MBeans CDAT MBeans
CDAT MBeans com.cisco.sesm
MBean Description name=Directory,type=Connection,instance Primary connection MBean. Allows you to configure the =Primary primary connection to the LDAP directory server. agent=Configuration Configuration agent MBean. This object observes JMX registration events looking for objects known to it. If a known object registers, then the configuration agent attempts to use it's MBean interface to push a configuration at the new MBean. name=MainServlet MainServlet MBean. This class allows the links on the main page of CDAT to be configured name=Logger Logger MBean. Allows you to configure the log, trace, and debug mechanisms. name=CDAT CDAT MBean. This class allows various parameters affecting the functioning of CDAT to be configured. name=ManagementConsole ManagementConsole MBean. Allows you to configure the AgentView MBean. name=Directory,type=Connection,instance Secondary connection MBean. Allows you to configure =Secondary the secondary connection to the LDAP directory server. name=Directory Directory MBean. Allows you to configure the LDAP directory server. org.mortbay.jetty
MBean Description Debug=0 Debugging and Defensive programming support. NCSARequestLog=0,Server=0,name=Jetty HTTP Request logger providing the normal or extended NCSA format. OutputStreamLogSink=0,name=Log A LogSink that writes messages to a OutputStream or File. Server=0,name=Jetty Jetty HTTP Server and Servlet container. name=Log The org.mortbay.util.Log logging service. This object allows LogSink instances to be added. MBeans for the LogSinks are created by this object. SESMSocketListener=0,Server=0,name=Jetty com.cisco.sesm.jetty.SESMSocketListen er
Cisco Subscriber Edge Services Manager Application Management Guide C-26 OL-3983-02 Appendix C Application Manager MBeans DNS Proxy MBeans
Server=0,WebApplicationContext=0,context=/ A J2EE Web application extension of ,name=Jetty ServletHttpContext. Changes made to this MBean are not persisted. SESMSSLListener=0,Server=0,name=Jetty com.cisco.sesm.jetty.SESMSSLListener
DNS Proxy MBeans
MBean Description agent=configuration Configuration agent MBean. This object observes JMX registration events looking for objects known to it. If a known object registers, then the configuration agent attempts to use it's MBean interface to push a configuration at the new MBean. name=DNSProxy DNS proxy MBean. Extensible Request Proxy. Provides mapping of ERPlisteners to request handlers in DNSProxy. name=DNSProxy,DNS=DNSSubstituteIPhandler DNS substitute IP handler MBean. A DNS Handler that inserts a substitute IP address into the DNS response in the event of an unresolved request. name=DNSProxy,RESOLVER=DNSDelegationHa DNS delegation handler MBean. A DNS ndler Handler that delegates requests to other servers. name=DNSProxy,UDPListener=DNS UDP listener MBean. A listener for DNS requests. name=DNSProxy,UDPListener=DNS,component= ThreadPool MBean. The DNSProxy application ThreadPool ThreadPool. name=Logger Logger MBean. Allows you to configure the log, trace, and debug mechanisms. name=ManagementConsole ManagementConsole MBean. Allows you to configure the AgentView MBean.
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 C-27 Appendix C Application Manager MBeans DNS Proxy MBeans
Cisco Subscriber Edge Services Manager Application Management Guide C-28 OL-3983-02
INDEX
MBean 1-1 A console AddWebApplication 7-5 management B-3 Agent View constructing MBeans A-3 accessing B-2, B-4 context description B-1, B-2 path attribute 7-5 links on CDAT main window B-4 URLs B-4 D using B-5
Agent View tool B-1 database, profiles 1-2 append attribute 7-3, 7-5 debug attribute 7-3, 7-6 application.home 5-8, 7-3, 7-5, 7-7 debugging 7-1, 7-3, 7-6 application.log 7-2, 7-4, 7-7 Debug MBean 7-3 applications list, on firewall pages 5-7 debugPatterns attribute 7-3, 7-6 Apply button, AgentView B-9 debugThreads attribute 7-6 attributes, configuration debugVerbosity attribute 7-6 persisting changes B-9 defining new attributes 5-10 authentication diagram multikey 5-10 SESM reference network 1-4 AuthInfo attribute B-3 dictionary 5-10 direction attribute 5-8 documentation map 1-5 C DTD A-1 CDAT main window B-4 E session tuning 5-6
timeouts 5-6 editing configuration files A-1 comments, in MBeans 5-5, 6-6, B-9 executables compressed images 1-2 adding Windows services 4-4 ConfigAgent 1-5, A-3 stop scripts 4-4 configuration files executables, for installation 1-2 DTD A-1 editing A-1
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 IN-1 Index
troubleshooting 5-8, 7-1 F JMX filename attribute, in Log MBean 7-3 description 1-4 files HTML Adaptor server B-3 installation image names 1-2 server 1-5, B-1 MBean configuration 1-1 Merit 1-2 L xmlconfig.dtd A-1
See also logs LDAP directory 1-2 firewalls logDateFormat attribute 7-2, 7-6 applications list 5-7 logFile attribute 7-7 protocols 5-7 logFrame attribute 7-7 Logger MBean 7-5, 7-6 logLabels attribute 7-2 H Log MBean 7-2 HTML Adaptor server 1-5, B-1, B-3 logOneLine attribute 7-2 HTTP logs errors 5-8, 7-1 application.home 5-8, 7-3 request log 7-1 application.log 7-2, 7-7 HttpServer MBean 7-5 configuring 7-3, 7-6 file names 7-1 filenames 5-8, 7-3, 7-7 I jetty.log 5-8, 7-2, 7-3 initializing MBeans A-3 Jetty server activity 7-2 installation portal activity 7-5 image 1-2 request.log 7-2, 7-4 important notes 2-1 turning off 7-6 results 2-2 logStack attribute 7-7 logStackSize attribute 7-3 logStackTrace attribute 7-3 J logTags attribute 7-3 J2EE containers 1-1 logThread attribute 7-7 Java Management Extensions logTimeStamps attribute 7-3 See JMX logTimezone attribute 7-2 jetty.home 7-5 logToErr attribute 7-7 jetty.log 5-8, 7-2, 7-3 Jetty server log files 7-1
Cisco Subscriber Edge Services Manager Application Management Guide IN-2 OL-3983-02 Index
Property tag, in XML files 5-5, 6-6, A-3, A-4, B-9 M management console Q configuring B-3
port B-3 queryTimeout attribute 5-6 removing B-3 starting B-3 See also HTML Adaptor server R
ManagementConsole MBean B-3 RADIUS server 1-2 map, documentation 1-5 reference network diagram 1-4 MBeans C-13 registering MBeans A-3 changing 1-1 Reload button B-8 comments in 5-5, 6-6, B-9 reload interval B-8 ConfigAgent A-3 remote management tool B-1 constructing and initializing A-3 See Agent View tool; Application Management tool Debug 7-3 request.log 7-2, 7-4 description A-3 retainDays attribute 7-3, 7-4 Log 7-2 returnOption attribute 5-8 Logger 7-5 property tags in 5-5, 6-6, B-9 Server 7-4 S MBean View B-2, B-6 Server MBean 7-4 Merit flat file 1-2 service Microsoft Windows services 4-4 Windows 4-4 monitoring applications B-10 sessionTimeout attribute 5-6 multikey authentication 5-10 SPE 1-2 startup scripts N failure 7-1 Java system properties A-4 network diagram 1-4 Store button B-9 suppressStack attribute 7-4 P suppressWarnings attribute 7-4 system properties A-4 persisting attribute changes B-9 SystemProperty tag, in XML files 5-5, 6-6, A-3, A-4, B-9 ports management console B-3 profiles 1-2 T properties files tar files 1-2 See also system properties; aaa.properties file
Cisco Subscriber Edge Services Manager Application Management Guide OL-3983-02 IN-3 Index
timeouts CDAT 5-6 trace attribute 7-7 tuning CDAT sessions 5-6
U
Undo button B-9 Unregister button B-8 URLs AgentView B-4
V verbose attribute 7-3 virtual host name 7-5
W warning in log files 7-6 logging configuration attribute 7-7 Windows services 4-4
X xmlconfig.dtd A-1
Z zip files 1-2
Cisco Subscriber Edge Services Manager Application Management Guide IN-4 OL-3983-02