Cisco Subscriber Edge Services Manager Application Management

Cisco Subscriber Edge Services Manager
Application Management Guide
SESM Release 3.2
September 2003
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Text Part Number: OL-3983-02
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCIP, CCSP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, iQ Net Readiness
Scorecard, Networking Academy, and ScriptShare are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, The Fastest Way to Increase
Your Internet Quotient, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the
Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the
Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, LightStream, MGX,
MICA, the Networkers logo, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, SMARTnet, StrataView Plus, Stratm, SwitchProbe,
TeleRouter, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (0304R)
Cisco Subscriber Edge Services Manager Application Management Guide
Copyright ©2003, Cisco Systems, Inc. All rights reserved.
C ON T E N T S
About This Guide
vii
Document Objectives
Audience
vii
vii
Document Organization
viii
Document Conventions
viii
Related Documentation
ix
Obtaining Documentation ix
Cisco.com x
Documentation CD-ROM x
Ordering Documentation x
Documentation Feedback x
Obtaining Technical Assistance xi
Cisco TAC Website xi
Opening a TAC Case xi
TAC Case Priority Definitions xii
Cisco Developer Support Program xii
Program Benefits xii
Contacting Cisco Developer Support
xii
Obtaining Additional Publications and Information
CHAPTER
1
Introduction
1-1
Application Manager
1-1
SESM Installation Images
1-2
Subscriber and Service Profiles
1-2
SESM Reference Network Diagram
SESM Application Management
SESM Documentation Map
CHAPTER
2
xiii
1-3
1-4
1-5
Installing the Application Manager
2-1
Important Information about Installing Application Manager
Recommended Browsers
2-1
Reference to Detailed Installation Instructions
Installation Results
2-1
2-2
2-2
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
iii
Contents
CHAPTER
3
Configuring the Application Manager
Underlying Technology
3-1
3-1
Required Configuration Procedures 3-3
Granting Access to the RMI Registry 3-3
Setting the Classpath and Running the RMI Registry
Adding New Applications to Manage
3-4
Configuring Logon Values for the Application Manager
CHAPTER
4
Running the Application Manager
Troubleshooting Application Manager Startup
5
4-1
4-2
4-4
Adding and Removing Services on Windows
Service Dependencies 4-4
CHAPTER
4-4
Using the Application Manager Operational Scenarios
Purpose of Operational Scenarios
3-6
4-1
Startup Procedures for Application Manager
Stopping the Application Manager
3-4
5-1
5-1
Accessing the Operational Scenarios 5-2
Researching Applications Not Appearing on an Operational Scenario
General Instructions for Using the Operational Scenarios
Changing Attribute Values 5-4
Changing Column Widths 5-4
Changing List Ordering 5-4
Button Operations 5-5
5-3
5-4
Operational Scenario Descriptions 5-5
CDAT Session Operational Scenario 5-6
Deployment Operational Scenario 5-6
Firewalls Operational Scenario 5-7
Logging Operational Scenario 5-8
RADIUS Dictionary Operational Scenario 5-9
RDP Operational Scenario 5-10
SPE Operational Scenario 5-11
SSG Operational Scenario 5-11
SSG Mappings Scenario 5-11
Bulk Upload Scenario 5-14
CHAPTER
6
Using the Application Manager Advanced Windows
Introduction
6-1
6-1
Cisco Subscriber Edge Services Manager Application Management Guide
iv
OL-3983-02
Contents
Accessing the Advanced Windows
Buttons on the MBean Windows
CHAPTER
7
6-2
6-5
Logging and Debugging in SESM Applications
Log File Descriptions
7-1
MBeans for Log File Configuration 7-1
Jetty Server Logging and Debugging 7-2
Log MBean 7-2
Debug MBean 7-3
Server MBean 7-4
SESM Application Logging and Debugging
Logger MBean 7-5
SSG Connectivity 7-8
SSG MBean 7-8
APPENDIX
A
7-1
Manually Editing MBean Configuration Files
Restarting Applications after Editing
MBean Configuration Files
7-5
A-1
A-1
A-1
MBean Configuration File Format
A-1
SystemProperty and Property Tags in Configuration Files
APPENDIX
B
Using the SESM Agent View Tool
SESM Agent View Overview
A-4
B-1
B-1
Accessing an Application’s Agent View B-2
Configuring the ManagementConsole MBean B-3
Starting and Removing the Management Console B-3
URLs for Accessing Agent Views B-4
Using the CDAT Main Window to Access Agent Views B-4
Using the Agent View
B-5
Using the MBean View
Monitoring an Application
APPENDIX
C
B-6
B-10
Application Manager MBeans
C-13
Configuring Application MBeans
C-13
Generic MBeans C-14
JMImplementation C-14
com.cisco.sesm.ignore C-14
com.cisco.sesm.jmx C-14
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
v
Contents
Adaptor
C-14
Application Management MBeans
com.cisco.sesm C-15
org.mortbay.jetty C-15
RADIUS Data Proxy MBeans
com.cisco.sesm C-16
C-15
C-16
Captive Portal MBeans C-18
com.cisco.sesm C-18
org.mortbay.jetty C-19
Web Application (NWSP) MBeans
com.cisco.sesm C-20
org.mortbay.jetty C-21
C-20
Message Portal MBeans C-22
com.cisco.sesm C-22
org.mortbay.jetty C-23
Web Services Gateway MBeans
com.cisco.sesm C-24
org.mortbay.jetty C-25
C-24
CDAT MBeans C-26
com.cisco.sesm C-26
org.mortbay.jetty C-26
DNS Proxy MBeans
C-27
Cisco Subscriber Edge Services Manager Application Management Guide
vi
OL-3983-02
About This Guide
This preface introduces the Cisco Subscriber Edge Services Manager Application Management Guide.
The preface contains the following sections:
•
Document Objectives
•
Audience
•
Document Organization
•
Document Conventions
•
Related Documentation
•
Obtaining Documentation
•
Obtaining Technical Assistance
•
Obtaining Additional Publications and Information
Document Objectives
This guide describes the Cisco Subscriber Edge Services Manager (Cisco SESM) Application Manager .
Audience
This guide is intended for administrators and others responsible for installing, configuring, and running
SESM applications and deploying SESM solutions.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
vii
About This Guide
Document Organization
Document Organization
This guide includes the chapters shown in the following table:
Chapter
Title
Description
Chapter 1
Introduction
Introduces the Application Manager.
Chapter 2
Installing the Application
Manager
Describes how to install the Application Manager.
Chapter 3
Configuring the Application
Manager
Describes how to configure the Application
Manager and the SESM applications so that they can
be managed.
Chapter 4
Running the Application
Manager
Describes how to start and run the Application
Manager.
Chapter 5
Using the Application Manager
Operational Scenarios
Describes how to use the Application Manager
operational scenarios.
Chapter 6
Using the Application Manager
Advanced Windows
Describes how to use the Application Manager
advanced windows.
Chapter 7
Logging and Debugging in
SESM Applications
Describes how to configure the logging and
debugging mechanisms for SESM applications and
the Jetty server.
Appendix A Manually Editing MBean
Configuration Files
Describes the SESM MBean configuration file
format and how to manually edit the files.
Appendix B Using the SESM Agent View
Tool
Describes how to remotely manage SESM
applications using the SESM Agent View tool.
Appendix C Application Manager MBeans
Describes the MBeans that are configurable using
the Application Manager.
Index
Document Conventions
The following conventions are used in this guide:
Note
Caution
•
Italic font is used for parameters for which you supply a value, emphasis, and to introduce new
terms.
•
Bold font is used for user entry and command names.
•
Computer
font is used for examples.
Means reader take note. Notes contain helpful suggestions or references to materials not contained in
this guide.
Means reader be careful. In this situation, you might do something that could result in equipment
damage or loss of data.
Cisco Subscriber Edge Services Manager Application Management Guide
viii
OL-3983-02
About This Guide
Related Documentation
Related Documentation
Documentation for the Cisco SESM includes:
•
Release Notes for the Cisco Subscriber Edge Services Manager, Release 3.2
•
Cisco Subscriber Edge Services Manager Solutions Guide
•
Cisco Subscriber Edge Services Manager Quick Start Guide
•
Cisco Subscriber Edge Services Manager Installation Guide
•
Cisco Subscriber Edge Services Manager Deployment Guide
•
Cisco Subscriber Edge Services Manager Web Portal Guide
•
Cisco Subscriber Edge Services Manager Captive Portal Guide
•
Cisco Subscriber Edge Services Manager RADIUS Data Proxy Guide
•
Cisco Subscriber Edge Services Manager Troubleshooting Guide
•
Cisco Subscriber Edge Services Manager Application Management Guide
•
Cisco Distributed Administration Tool Guide
•
Cisco Subscriber Edge Services Manager Web Developer Guide
•
Cisco Subscriber Edge Services Manager Plug and Play Guide
•
Cisco Subscriber Edge Services Web Services Gateways Guide
The Cisco SESM documentation is online at:
http://www.cisco.com/univercd/cc/td/doc/solution/sesm/index.htm
Documentation for the Cisco SSG is online at:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122b/122
b_4/122b4_sg/
Information related to configuring the SSG authentication, authorization, and accounting features is
included in the following locations:
•
Cisco IOS Security Configuration Guide
•
Cisco IOS Security Command Reference
If you are including the Cisco Access Registrar (a RADIUS server) in your SESM deployment, see the
following documents:
•
Cisco Access Registrar 1.6 Release Notes
•
Cisco Access Registrar User Guide
Obtaining Documentation
Cisco provides several ways to obtain documentation, technical assistance, and other technical
resources. These sections explain how to obtain technical information from Cisco Systems.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
ix
About This Guide
Obtaining Documentation
Cisco.com
You can access the most current Cisco documentation on the World Wide Web at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
http://www.cisco.com
International Cisco websites can be accessed from this URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM
package, which may have shipped with your product. The Documentation CD-ROM is updated regularly
and may be more current than printed documentation. The CD-ROM package is available as a single unit
or through an annual or quarterly subscription.
Registered Cisco.com users can order a single Documentation CD-ROM (product number
DOC-CONDOCCD=) through the Cisco Ordering tool:
http://www.cisco.com/en/US/partner/ordering/ordering_place_order_ordering_tool_launch.html
All users can order annual or quarterly subscriptions through the online Subscription Store:
http://www.cisco.com/go/subscription
Ordering Documentation
You can find instructions for ordering documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco documentation in these ways:
•
Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from
the Networking Products MarketPlace:
http://www.cisco.com/en/US/partner/ordering/index.shtml
•
Nonregistered Cisco.com users can order documentation through a local account representative by
calling Cisco Systems Corporate Headquarters (California, USA.) at 408 526-7208 or, elsewhere in
North America, by calling 800 553-NETS (6387).
Documentation Feedback
You can submit comments electronically on Cisco.com. On the Cisco Documentation home page, click
Feedback at the top of the page.
You can send your comments in e-mail to bug-doc@cisco.com.
Cisco Subscriber Edge Services Manager Application Management Guide
x
OL-3983-02
About This Guide
Obtaining Technical Assistance
You can submit comments by using the response card (if present) behind the front cover of your
document or by writing to the following address:
Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883
We appreciate your comments.
Obtaining Technical Assistance
For all customers, partners, resellers, and distributors who hold valid Cisco service contracts, the Cisco
Technical Assistance Center (TAC) provides 24-hour, award-winning technical support services, online
and over the phone. Cisco.com features the Cisco TAC website as an online starting point for technical
assistance.
Cisco TAC Website
The Cisco TAC website (http://www.cisco.com/tac) provides online documents and tools for
troubleshooting and resolving technical issues with Cisco products and technologies. The Cisco TAC
website is available 24 hours a day, 365 days a year.
Accessing all the tools on the Cisco TAC website requires a Cisco.com user ID and password. If you
have a valid service contract but do not have a login ID or password, register at this URL:
http://tools.cisco.com/RPF/register/register.do
Opening a TAC Case
The online TAC Case Open Tool (http://www.cisco.com/tac/caseopen) is the fastest way to open P3 and
P4 cases. (Your network is minimally impaired or you require product information). After you describe
your situation, the TAC Case Open Tool automatically recommends resources for an immediate solution.
If your issue is not resolved using these recommendations, your case will be assigned to a Cisco TAC
engineer.
For P1 or P2 cases (your production network is down or severely degraded) or if you do not have Internet
access, contact Cisco TAC by telephone. Cisco TAC engineers are assigned immediately to P1 and P2
cases to help keep your business operations running smoothly.
To open a case by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447
For a complete listing of Cisco TAC contacts, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
xi
About This Guide
Obtaining Technical Assistance
TAC Case Priority Definitions
To ensure that all cases are reported in a standard format, Cisco has established case priority definitions.
Priority 1 (P1)—Your network is “down” or there is a critical impact to your business operations. You
and Cisco will commit all necessary resources around the clock to resolve the situation.
Priority 2 (P2)—Operation of an existing network is severely degraded, or significant aspects of your
business operation are negatively affected by inadequate performance of Cisco products. You and Cisco
will commit full-time resources during normal business hours to resolve the situation.
Priority 3 (P3)—Operational performance of your network is impaired, but most business operations
remain functional. You and Cisco will commit resources during normal business hours to restore service
to satisfactory levels.
Priority 4 (P4)—You require information or assistance with Cisco product capabilities, installation, or
configuration. There is little or no effect on your business operations.
Cisco Developer Support Program
The Developer Support Program was developed to provide formalized support for Cisco interfaces to
accelerate the delivery of compatible solutions to Cisco customers. The program web site at
http://www.cisco.com/go/developersupport provides a central resource point for all your development
needs.
Program Benefits
•
Product and document downloads
•
Bug reports
•
Sample scripts
•
Frequently Asked Questions
•
Access to Developer Support Engineers
Many of the product and document downloads are accessible with a Cisco.com guest level login.
However, as a member of the program, you will get access to all the program benefits listed above to
promote your development efforts. The subscription also provides the ability to open support cases using
the same infrastructure and processes used by Cisco Technical Assistance Center (TAC).
Our Subscription membership is fee-based. The Developer Support Agreement, with the subscription
fees and list of supported interfaces, is available on the Developer Support Web site.
Note
The Cisco TAC does NOT provide support for this API/interface under standard hardware or software
support agreements. All technical support for this API/interface, from initial development assistance
through API troubleshooting/bugs in final production applications, is provided by Cisco Developer
Support and requires a separate Developer Support contract. When opening cases, a Developer Support
contract number must be provided in order to receive support.
Contacting Cisco Developer Support
You can contact Cisco Developer Support using the following:
Cisco Subscriber Edge Services Manager Application Management Guide
xii
OL-3983-02
About This Guide
Obtaining Additional Publications and Information
•
Email: developer-support@cisco.com
•
Web: http://www.cisco.com/go/developersupport
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online
and printed sources.
•
The Cisco Product Catalog describes the networking products offered by Cisco Systems, as well as
ordering and customer support services. Access the Cisco Product Catalog at this URL:
http://www.cisco.com/en/US/products/products_catalog_links_launch.html
•
Cisco Press publishes a wide range of networking publications. Cisco suggests these titles for new
and experienced users: Internetworking Terms and Acronyms Dictionary, Internetworking
Technology Handbook, Internetworking Troubleshooting Guide, and the Internetworking Design
Guide. For current Cisco Press titles and other information, go to Cisco Press online at this URL:
http://www.ciscopress.com
•
Packet magazine is the Cisco quarterly publication that provides the latest networking trends,
technology breakthroughs, and Cisco products and solutions to help industry professionals get the
most from their networking investment. Included are networking deployment and troubleshooting
tips, configuration examples, customer case studies, tutorials and training, certification information,
and links to numerous in-depth online resources. You can access Packet magazine at this URL:
http://www.cisco.com/go/packet
•
iQ Magazine is the Cisco bimonthly publication that delivers the latest information about Internet
business strategies for executives. You can access iQ Magazine at this URL:
http://www.cisco.com/go/iqmagazine
•
Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering
professionals involved in designing, developing, and operating public and private internets and
intranets. You can access the Internet Protocol Journal at this URL:
http://www.cisco.com/en/US/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html
•
Training—Cisco offers world-class networking training. Current offerings in network training are
listed at this URL:
http://www.cisco.com/en/US/learning/index.html
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
xiii
About This Guide
Obtaining Additional Publications and Information
Cisco Subscriber Edge Services Manager Application Management Guide
xiv
OL-3983-02
C H A P T E R
1
Introduction
This chapter introduces the Application Manager and its role in Cisco Subscriber Edge Services
Manager (SESM) solutions. Topics are:
•
Application Manager, page 1-1
•
SESM Installation Images, page 1-2
•
Subscriber and Service Profiles, page 1-2
•
SESM Reference Network Diagram, page 1-3
•
SESM Application Management, page 1-4
•
SESM Documentation Map, page 1-5
Application Manager
The Application Manager is a web application that remotely manages SESM applications. It can manage
multiple instances of SESM web portal and captive portal applications, RDP, CDAT, and other
Application Manager instances. These applications can be installed on the same or different systems
from the Application Manager, and a firewall may exist between them.
The Application Manager can perform the following management tasks:
•
Change configuration values for running applications
•
Persist the changes across application restarts
•
View status and metrics for running applications
•
Perform operations on running applications, such as freeing memory in SESM web portals
Two types of management windows are available:
•
Operational Scenarios—These windows offer convenient access to the subset of attributes that are
most likely to require changes during production deployments.
The scenarios present matrixes of attribute settings by application, enabling administrators to easily
compare and change the settings for the same attribute for multiple applications of the same type.
•
Advanced Windows—These windows provide access to all attributes in all MBeans used by an
application. They include the read-only attributes that provide status and metrics for running
applications.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
1-1
Chapter 1
Introduction
SESM Installation Images
SESM Installation Images
The installation images for SESM are available from the product CD-ROM or from the Cisco web site.
SESM images are available for the Sun Solaris, Linux, and Windows platforms.
Table 1-1 shows the names of the compressed and executable files (Note that “x.x.x” is used to denote
version number).
Table 1-1
Installation Image Filenames
Platform
Compressed Filename
Executable Installation
Filename
Solaris
sesm-x.x.x-pkg-sol.tar
sesm_sol.bin
Linux
sesm-x.x.x-pkg-linux.tar
sesm_linux.bin
Windows
sesm-x.x.x-pkg-win32.zip
sesm_win.exe
The procedures for obtaining the installation images are detailed in the Cisco Subscriber Edge Services
Manager Installation Guide.
Subscriber and Service Profiles
SESM solutions require detailed data about subscribers and the services they are authorized to use. We
refer to this data as profiles:
•
Subscriber profiles—Define authentication information, subscribed services, and information about
connection and service options and preferences for each subscriber.
•
Service profiles—Define connection information for the services that subscribers can subscribe and
connect to.
The SESM solution integrates with any one or a combination of the following options to obtain
subscriber and service data:
•
An AAA database managed and accessed by a RADIUS server.
•
An SPE database (an LDAP directory or RDBMS) accessed through the Cisco SPE application
programming interface (API). In SESM deployments, the Cisco Distributed Administration Tool
(CDAT) manages the subscriber and service profiles in the database.
•
A flat file in Merit format, accessed by an appropriately configured RDP application or SESM
portals running in Demo mode.
Cisco Subscriber Edge Services Manager Application Management Guide
1-2
OL-3983-02
Chapter 1
Introduction
SESM Reference Network Diagram
SESM Reference Network Diagram
The following figure shows SESM applications in a hypothetical deployment. Actual deployments might
not use all of the components shown. Item number 9 is the subject of this guide.
Figure 1-1
SESM Network Diagram
SPE
RADIUS
Server 7 Database
RDP
8
9
CDAT and
Application
Manager
6
Captive
Portal
Default
network
10
4
SESM
WSG
5
SESM
Web Portals
1
Billing Server
11
Subscriber access media
www.yahoo.com
ADSL
www.games.com
Internet
www.yourbank.com
PC
Lease line
12
2
WAP
SSG
Content Services
Gateway(CSG)
Dial
Notebook
3
GGSN/PDSN
802.11b
Open
garden
Corporate
VPN
87606
PDA
1
Subscriber access media—SESM applications and solutions are independent of the access media.
2
Service Selection Gateway (SSG)— Most SESM solutions work with and require a Cisco gateway such as the SSG. The
SSG is a feature in the Cisco IOS software running on a Cisco device. The SSG provides authentication, service
connection, connection management, and SESM session capabilities. The SESM portals provide the subscriber’s
interface to SSG for those services.
Content Services Gateway (CSG)—An optional gateway that provides content billing services to the SESM solution.
3
Open garden—The open garden is an SSG feature that allows subscriber access to preconfigured networks without
authentication. Packets destined for open garden networks are not accounted for nor subject to access control by the SSG.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
1-3
Chapter 1
Introduction
SESM Application Management
4
Default network—The SESM applications must run on systems on the SSG default network. The default network (and
open gardens, if configured) are always accessible to subscribers.
5
SESM web portals—Subscribers access the SESM portal using a web browser. The portal provides the following
features: subscriber interface to SSG; one-stop access to services; location-based branding; firewall provisioning; access
to the Cisco Subscriber Policy Engine (SPE) self-care features such as registration, service subscription, account
maintenance, and subaccount management. The access provider (the SESM deployer) presents these features on
personalized browser pages shaped by dimensions such as access device, language preference, and location. The SESM
packages include a number of sample web portal applications. In addition, the captive portal applications are also SESM
web portals.
6
Captive portals—Captive portal applications are specialized SESM web portals that work with the SSG and other SESM
web portals to capture, analyze, and redirect packets for various purposes, including messaging, advertising, or
displaying logon pages in response to unauthenticated access attempts and unconnected service requests.
7
Profiles—SESM solutions are based on subscriber and service data stored in RADIUS or SPE databases.
8
SESM RADIUS Data Proxy (RDP)—The RDP application is a RADIUS server compliant with RFC 2865 and is the
required RADIUS server for SESM SPE-mode deployments. RDP provides access to profiles on the SPE database.
Deployers can configure RDP to proxy requests to other RADIUS servers or flat files. Domain-based proxying forwards
requests to multiple RADIUS servers based on the IP domain in subscriber and service names.
9
Cisco Distributed Administration Tool (CDAT)—CDAT is a web-based GUI tool for managing the SPE extensions in an
LDAP directory. CDAT provides the means for creating and maintaining user (subscriber) and service profiles, user
groups, service groups, roles, and policy rules for the RBAC model.
Application Manager—The Application Manager is a web-based GUI for remotely managing SESM applications in a
distributed deployment. The managed applications can be SESM web portals, captive portals, RDP, CDAT, WSG, and
the Application Manager itself. Administrators use the Application Manager to access the configuration attributes in the
Java Management Extensions (JMX) MBeans used by these SESM applications.
10 Web Services Gateways (WSG)—The SESM WSG applications provide a Simple Objects Access Protocol
(SOAP)-based interface enabling third-party web portals and subscriber management systems to integrate with the SESM
and SSG solution. Any client application can interface with SSG through a WSG using SOAP over HTTP
communication.
11 Billing server—A third-party billing server is required if the SSG Prepaid feature is included in the solution.
12 Services—SESM applications work in conjunction with the Cisco gateway components to provide a one-stop interface
for activating multiple services. SESM can provide the activation interface for any service type supported by the gateway
component. Service information exists in the service profiles.
SESM Application Management
SESM uses the Java Management Extensions (JMX) specification and its related JMX MBean standards
for application configuration. For descriptions of these standards, go to:
http://java.sun.com/products/JavaManagement
A brief introduction to JMX terminology and its relationship to SESM application management follows:
•
JMX manageable resources—Java objects instrumented to allow spontaneous management by any
JMX compliant agent. Each SESM application contains JMX manageable resources.
•
JMX agent— A management entity implemented in accordance with the JMX Agent Specification.
For SESM, the agent is the Cisco ConfigAgent.
Cisco Subscriber Edge Services Manager Application Management Guide
1-4
OL-3983-02
Chapter 1
Introduction
SESM Documentation Map
•
Managed beans (MBeans)—Java objects that represent a JMX manageable resource. MBeans for
each SESM application are specified in XML files installed in the application’s config directory
under the SESM installation directory.
•
JMX server ( also called the MBean server)—A registry for objects that are exposed to management
operations by an agent. Any object that is registered with the JMX server becomes visible to the
agent. In SESM applications, MBeans are registered by the ConfigAgent or by other MBeans.
Administrators can change SESM application configuration by changing the attribute values in MBeans.
In SESM Release 3.2, use any of these ways to change MBean attribute values:
•
Use the Application Manager, a web-based GUI tool. This is the preferred way to manage running
SESM applications. The tool includes:
– Operational scenarios that present the most-used attributes for quick access and adjustments.
– Advanced screens that present all attributes.
– A bulk upload feature for importing large mappings of subscriber subnets to SSGs.
•
Manually edit the XML files associated with the application. XML files are located in the
application’s config directory (for example, nwsp/config/nwsp.xml). If you use this method, you
must stop and restart the application before the changes take effect.
•
Use the SESM Agent View, a web-based view of managed resources and associated MBeans. The
Agent View is an adaptation of the Management Console provided by the HTML adaptor server,
which is included with the Sun example JMX server. The Cisco adaptations add persistence features
to the server.
Note
The Application Manager replaces the SESM Agent View. The Agent View is included in this
SESM release to provide convenience and continuity during migrations from previous releases.
SESM Documentation Map
Table 1-2 can help you to locate information in the SESM documentation set. Go to the following URL
to access the online version of the SESM documentation:
http://www.cisco.com/univercd/cc/td/doc/solution/sesm/index.htm
Table 1-2
SESM Documentation Map
To Learn About
Read
SESM Features
Cisco Subscriber Edge Services Manager Solutions Guide
Cisco Subscriber Edge Services Manager Web Portal Guide
Cisco Subscriber Edge Services Manager RADIUS Data Proxy Guide
Cisco Subscriber Edge Services Manager Captive Portal Guide
SESM Deployment
Cisco Subscriber Edge Services Manager Quick Start Guide
Cisco Subscriber Edge Services Manager Installation Guide
Cisco Subscriber Edge Services Manager Deployment Guide
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
1-5
Chapter 1
Introduction
SESM Documentation Map
To Learn About
Read
SESM Application
Management and
Configuration
Cisco Subscriber Edge Services Manager Application Management Guide
Cisco Subscriber Edge Services Manager Web Portal Guide
Cisco Subscriber Edge Services Manager RADIUS Data Proxy Guide
Cisco Subscriber Edge Services Manager Captive Portal Guide
Profile Management
RADIUS
Cisco Subscriber Edge Services Manager Deployment Guide
Profile Management
SPE
Cisco Distributed Administration Tool Guide
SPE Role Based Access Cisco Distributed Administration Tool Guide
Control (RBAC)
Troubleshooting
Release Notes for the Cisco Subscriber Edge Services Manager, Release 3.2
Cisco Subscriber Edge Services Manager Troubleshooting Guide
SESM Portal
Development
Cisco Subscriber Edge Services Manager Web Developer Guide
Web Services Gateway
Cisco Subscriber Edge Services Manager Web Services Gateways Guide
SESM Platform SDK
Cisco Subscriber Edge Services Manager SDK Platform Programmer Guide
Plug and Play
Connectivity
Cisco Subscriber Edge Services Manager Plug and Play Guide
JavaDoc (included with the software distribution)
Cisco Subscriber Edge Services Manager Application Management Guide
1-6
OL-3983-02
C H A P T E R
2
Installing the Application Manager
This chapter describes how to install the Application Manager. Topics are:
•
Important Information about Installing Application Manager, page 2-1
•
Recommended Browsers, page 2-1
•
Reference to Detailed Installation Instructions, page 2-2
•
Installation Results, page 2-2
Important Information about Installing Application Manager
The Application Manager is available for installation from any of the SESM installation packages.
The following information is important to understand when installing the Application Manager:
•
The Application Manager is included in a typical installation. It is also included any time you install
the CDAT component using a Custom installation.
•
The Application Manager is not included in a Demo installation
•
The Application Manager must run in a J2EE container. In SESM Release 3.2, the Application
Manager is verified to run in the Jetty container. The installation program configures the Application
Manager to run in a Jetty container.
Recommended Browsers
We recommend the following browsers for the Application Manager:
•
Microsoft Internet Explorer Versions 5.5 or later
•
Netscape Version 7 or later
Operation on earlier versions of the above browsers and on other browsers is not verified.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
2-1
Chapter 2
Installing the Application Manager
Reference to Detailed Installation Instructions
Reference to Detailed Installation Instructions
See the Cisco Subscriber Edge Services Manager Installation Guide for:
•
Installation platform requirements
•
Prerequisite steps to perform before running the installation program
•
Detailed installation procedures
•
Explanations of the configuration attributes presented by the installation program
Installation Results
The following directories and files in the SESM installation directory are related to the Application
Manager:
appmgmt
config
AdapterFactoryInit.xml
docs
webapp
The installation procedure adds startup scripts and container configuration files for the Application
Manager and the RMI Registry to the jetty directory under your SESM installation directory:
jetty
bin
runrmiregistry
startAPPMGMT
config
appmgmt.jetty.xml
Each SESM application directory includes an rmi.xml file related to the Application Manager. For
example:
nwsp
config
rmi.xml
The exception is the RDP application. Rather than a separate rmi.xml file, the application management
information is merged into the rdp.xml file. A start script for the RMI Registry is included in the RDP
bin directory, along with the RDP start script.
rdp
config
rdp.xml
rdp
bin
runrmiregistry
Cisco Subscriber Edge Services Manager Application Management Guide
2-2
OL-3983-02
C H A P T E R
3
Configuring the Application Manager
This chapter describes how to configure the Application Manager. Topics are:
•
Underlying Technology, page 3-1
•
Required Configuration Procedures, page 3-3
•
Adding New Applications to Manage, page 3-4
•
Configuring Logon Values for the Application Manager, page 3-6
Underlying Technology
The Application Manager is a J2EE web application. It connects to remote applications and provides a
management portal allowing those applications to be managed from a web browser. You can configure
the Application Manager to manage multiple SESM applications on multiple host systems in various
domains. There can be firewalls between the remote applications and the Application Manager.
The term remote in this case means any SESM application running in a Java Virtual Machine other than
the one in which the Application Manager is running. The Application Manager can be configured to
register itself as a remote application and is then capable of managing itself.
The Application Manager uses the Java Remote Method Invocation (Java RMI) to contact and manage
remote SESM applications. For information about RMI technology, see the following URL:
http://java.sun.com/products/jdk/rmi/
The Application Manager uses the RMI technology as follows:
•
Each SESM application has an RMI server, started by the SESM application startup scripts. (Each
SESM application also has a JMX MBean server, also started by the SESM application startup
scripts.)
•
Each host system on which a SESM application is running must be running an RMI Registry
application. The SESM administrator must ensure that an RMI Registry is running whenever a
SESM host system restarts.
•
When a SESM application starts, its RMI server registers itself with the RMI registry on its host
system using a unique name. The name is specified in the rmi.xml file, which is in the SESM
application directory under the SESM directory (for example, nwsp/config/rmi.xml).
Note
The RDP application does not have a separate rmi.xml file; rather, the RMI configuration
information is merged into the rdp.xml file.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
3-1
Chapter 3
Configuring the Application Manager
Underlying Technology
•
The Application Manager is an RMI client. It accesses the RMI Registry on each host for status and
access information about the SESM applications running on the host. The AdapterFactoryInit.xml
file specifies which applications the Application Manager should manage and the contact
information (URL and port) for the RMI Registry on each host system.
•
Using information it obtains from the RMI Registry, the Application Manager connects to the SESM
application. It obtains MBean attribute information from the application’s MBean server.
•
The Application Manager also has an RMI server and an MBean server, so that it can manage itself
or other Application Manager instances.
Figure 3-1 shows RMI elements in a SESM deployment distributed over four host systems.
Figure 3-1
Remote Management Using the Application Manager
RMI Registry
Application Manager
MBean
Server
RMI
Client
RMI
Server
JVM
host_1
RMI Registry
RMI Registry
RMI Registry
NWSP
NWSP
PDA
MBean
Server
JVM
RMI
Server
MBean
Server
RMI
Server
JVM
MBean
Server
RMI
Server
JVM
host_2
host_4
WAP
RMI
Server
JVM
host_3
87553
MBean
Server
Cisco Subscriber Edge Services Manager Application Management Guide
3-2
OL-3983-02
Chapter 3
Configuring the Application Manager
Required Configuration Procedures
Required Configuration Procedures
This section describes required configuration procedures. The topics are:
•
Granting Access to the RMI Registry, page 3-3
•
Setting the Classpath and Running the RMI Registry, page 3-4
Granting Access to the RMI Registry
On each system that is hosting SESM applications, you must edit the JRE security file to grant
permission to connect to the port that the RMI Registry is configured to use. If you do not have
permission to edit the security file, ask your network administrator to perform this procedure.
Follow these steps:
Step 1
Locate the JVM that the SESM applications are using at startup:
•
If an environment variable for $JDK_HOME variable is set on the system, use that path.
•
Otherwise, examine the generic start script in the jetty directory (for example, jetty/bin/start.sh) for
the line that contains:
set JDK_HOME=
The setting for $JDK_HOME in the above line depends on choices made during installation. It
points to either:
– The JRE bundled with SESM, installed under the SESM install directory, in the _jvm directory.
– A JDK or JRE installed elsewhere on the system, whose pathname you provided during SESM
installation.
Step 2
Edit the following file:
$JDK_HOME (as established in step 1)
lib
security
java.policy
Step 3
In the grant section, add a new SocketPermission line that allows the RMI registry to connect to
applcations. For example, find the first line below and add the second line :
permission java.net.SocketPermission "localhost:1024-", "listen";
permission java.net.SocketPermission “localhost:1099”, “connect, resolve”;
Note
Step 4
By convention, the port number for the RMI Registry is 1099. If you want the RMI Registry to execute
on some other port, adjust the line above to reflect the correct port number (localhost:portno).
Repeat the above procedure on every system that hosts SESM applications that you want to manage.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
3-3
Chapter 3
Configuring the Application Manager
Adding New Applications to Manage
Setting the Classpath and Running the RMI Registry
On each system that is hosting SESM applications, you must configure and start the RMI Registry before
starting any of the SESM applications. Once started, the RMI Registry usually runs continuously until
the system reboots.
To configure and start the RMI Registry, follow these steps:
Step 1
Run the RMI startup script. The script is located in:
jetty
bin
runrmiregistry
or
rdp
bin
runrmiregistry
By default, the RMI Registry runs on port 1099. If you want to start it on a different port, you can include
the port number on the command line when you execute the runrmiregistry script. The runrmiregistry
script will pass along any standard arguments that the rmiregistry program accepts.
Step 2
To ensure that the Registry is restarted whenever the system reboots, we recommend that you add the
runrmiregistry script to the server’s automatic startup procedures.
Step 3
Repeat the above procedure on every system that hosts SESM applications that you want to manage.
The runrmiregistry script does the following:
1.
Executes the appropriate command to add the mx4j-tools.jar file in the SESM installation directory
to your CLASSPATH variable.
On Solaris and Linux:
setenv CLASSPATH $CLASSPATH\:installDir/redist/mx4j/lib/mx4j-tools.jar
On Windows, use Settings > Control Panel > System > Advanced (or similar menu items and tabs)
to access the environment variables window. In the list of system variables, create or add to the
CLASSPATH variable.
Variable name: CLASSPATH
Required path to include: Drive:\installDir\redist\mx4j\lib\mx4j-tools.jar
2.
Locates the JRE that the SESM applications are using, as described in the “Granting Access to the
RMI Registry” section on page 3-3.
3.
Starts the RMI Registry. The executable is:
$JDK_HOME
bin
rmiregistry
Adding New Applications to Manage
This section describes how to add a new SESM application or application instance to the list of remotely
managed applications.
Cisco Subscriber Edge Services Manager Application Management Guide
3-4
OL-3983-02
Chapter 3
Configuring the Application Manager
Adding New Applications to Manage
Note
Skip this section if you installed all of the SESM applications on the same host system with the
Application Manager, during the same installation session.The installation program already performed
the steps described in this section for those applications.
To configure a new SESM application so that the Application Manager can remotely manage it, follow
these steps:
Step 1
Make sure the JNDIName attribute in the application’s rmi.xml file is unique on the host system.
a.
Open the rmi.xml file in the application directory. For example, if you are adding a new instance of
NWSP, open the following:
nwsp
config
rmi.xml
Note
b.
The exception is the RDP application. Rather than a separate rmi.xml file, the application
management information is merged into the rdp.xml file.
Locate the lines that define the JNDIName. For example:
<Configure jmxname="Adaptor:protocol=JRMP">
<Set name="JNDIName" type="String">webapp_server1-w2k01_8080</Set>
</Configure>
c.
If the value of JNDIName is not unique on the system, change the name. The SESM installation
program sets the JNDIName to the following value:
applicationName_systemName_applicationPortNo
Note
Step 2
The JNDIName for NWSP, WAP, and PDA applications are not unique after installation. The installation
program uses the same value for applicationName (webapp) for all of the sample portal applications.
Add or change a corresponding entry in the AdapterFactoryInit.xml file in the Application Manager
config directory.
a.
Edit the following file:
appmgmt
config
AdapterFactoryInit.xml
b.
Make sure the file contains AdapterMapping entries that correspond to the application you named
in Step 1.
<AdapterMapping name=”webapp_server1-w2k01_8080”>
<Protocol>rmi</Protocol>
<JNDIName>webapp_server1-w2k01_8080</JNDIName>
<RMIURL>rmi://server1-w2k01:1099</RMIURL>
</AdapterMapping>
In the above lines:
– The name attribute specifies the name used in the Application Manager list of applications. It
does not have to match any other configured values, but debugging will be easier if the name
displayed in the windows matches the configured JNDIName.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
3-5
Chapter 3
Configuring the Application Manager
Configuring Logon Values for the Application Manager
– The JNDIName attribute value must match the name you used in the rmi.xml file.
– The JNDIName attribute value must be unique for each application on the host system.
– The RMIURL attribute value must be:
rmi://hostName:portNo
Where:
hostName is the fully qualified hostname or host IP address on which the application named in
JNDIName runs.
portNo is the port number the RMI Registry was started on. The default is port 1099.
Configuring Logon Values for the Application Manager
To access the Application Manager, you must enter a user ID and password.
1.
User ID—Enter a user ID that you want to have access to the Application Manager. The default value
is MgmtUser.
2.
Password—Enter a password that will be required to access the Application Manager. The default
is MgmtPassword.
Cisco Subscriber Edge Services Manager Application Management Guide
3-6
OL-3983-02
C H A P T E R
4
Running the Application Manager
This chapter describes how to start and run the Subscriber Edge Services Manager (SESM) Application
Manager. Topics are:
•
Startup Procedures for Application Manager, page 4-1
•
Troubleshooting Application Manager Startup, page 4-2
•
Stopping the Application Manager, page 4-4
•
Adding and Removing Services on Windows, page 4-4
Startup Procedures for Application Manager
Use the following procedure to start the Application Manager:
Step 1
On each of the SESM application host systems, make sure that the RMI Registry (rmiregistry) is running.
If the rmiregistry process is not running, you can start it with the following script in the SESM
installation directory:
jetty
bin
runrmiregistry
See “Setting the Classpath and Running the RMI Registry” section on page 3-4. Once started, the RMI
Registry usually runs continuously until the system reboots.
Step 2
Start the SESM applications on each host system.
Note
Applications register with the RMI registry at application startup. The RMI Registry must be running on
the system before you start the SESM applications on that system.
Step 3
Start the Application Manager. The startup script is in the SESM installation directory with other SESM
web application startup scripts:
jetty
bin
startAPPMGMT
Step 4
Open a web browser. See the “Recommended Browsers” section on page 2-1.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
4-1
Chapter 4
Running the Application Manager
Troubleshooting Application Manager Startup
Step 5
Navigate to the Application Management URL. You can either:
a.
Click the Application Management link on the CDAT main page, or
b.
Enter the Application Management URL in the browser. For example:
http://localhost:8082
The URL is:
http://hostName:portNo
Where:
hostName is the IP address or host name of the system where the Application Manager is running
portNo is the Application Management port, specified in the startAPPMGMT startup script.
The Application Management logon page appears.
Step 6
Log in using a valid user name and password. See “Configuring Logon Values for the Application
Manager” section on page 3-6.
The Application Management main window appears. See Figure 4-1.
Figure 4-1
Application Management Main Window
The tabs at the top of the window control the type of management you can perform.
•
Configuration Tab (selected by default)—Accesses the SESM operational scenarios. To enter an
operational scenario, click one of the menu items on the second line of the window. For more
information, see Chapter 5, “Using the Application Manager Operational Scenarios.”
•
Advanced Tab—Accesses the MBean details for individual applications. For more information, see
Chapter 6, “Using the Application Manager Advanced Windows.”
Troubleshooting Application Manager Startup
If the main window does not appear:
•
Check the Application Manager URL. Make sure the port number in the URL matches the port
number used at startup. The startAPPMGMT script sets the port number. ‘
•
Check the Application Manager logs in:
appmgmt
logs
Cisco Subscriber Edge Services Manager Application Management Guide
4-2
OL-3983-02
Chapter 4
Running the Application Manager
Troubleshooting Application Manager Startup
If applications that you have configured for management do not appear in the operational scenarios,
check the following:
•
Make sure the RMI Registry is running on the systems that are hosting the SESM applications. See
“Setting the Classpath and Running the RMI Registry” section on page 3-4 for a description of the
rmiregistry script and what it does.
•
Make sure the RMI Registry is running before you start the SESM applications that you want to
manage.
•
Mare sure that the RMI Registry port is correctly specified in the RMIURL attribute in the
AdapterFactoryInit.xml file. The default port used by the rmiregistry startup script is 1099. For
example:
<RMIURL>rmi://server1-w2k01:1099</RMIURL>
•
Make sure the CLASSPATH environment variable contains the correct path name to the
installDir/redist/mx4j/lib/mx4j-tools.jar file in the SESM installation directory. You must change
the CLASSPATH variable if you reinstall the product into a different directory. If you have to change
the CLASSPATH value, stop and restart the rmiregistry process.
•
Make sure the JNDIName attributes in the application rmi.xml files specify a unique names for each
application running on a system.
Note
The RDP application does not use a separate rmi.xml file. The JNDIName attribute is in the
rdp.xml file.
•
Make sure the JNDIName attribute values in the application rmi.xml files match the JNDIName
attribute values in the AdapterFactoryInit.xml file. The relevant path names are:
nwsp (or other application name)
config
rmi.xml
appmgmt
config
AdapterFactoryInit.xml
For example, the following line is extracted from nwsp/config/rmi.xml:
<Set name="JNDIName" type="String">webapp_server1-w2k01_8080</Set>
</Configure>
The following lines are extracted from appmgmt/config/AdapterFactoryInit.xml:
<AdapterMapping name="webapp_server1-w2k01_8080">
<Protocol>rmi</Protocol>
<JNDIName>webapp_server1-w2k01_8080</JNDIName>
<RMIURL>rmi://server1-w2k01:1099</RMIURL>
</AdapterMapping>
Note
The name attribute specifies the name displayed in the Application Manager window. It does not have
to match the JNDIName, but matching names aids debugging.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
4-3
Chapter 4
Running the Application Manager
Stopping the Application Manager
Stopping the Application Manager
To stop the Application Manager on Solaris and Linux, execute the following script. The script does not
accept arguments.
jetty/bin/stopAPPMGMT.sh
To stop the Application Manager on Windows, you can:
•
Open the Task Manager window, select the appropriate task, and click the End Task button. If you
are prompted again, click the End Now button.
•
If you added the application as an NT service, you can use the Services window to stop the service.
Open Control Panel > Services or Control Panel > Administrative Tools > Services and select
the service you want to stop. Use the menu commands on the Services window to stop the selected
service.
Adding and Removing Services on Windows
On a Windows platform, you can add SESM applications to the list of Windows services. When an
application is a service, it appears in the Services window accessed from the control panel. You can start
and stop any service from this window. You can optionally configure a service to start automatically
when the system reboots.
The SESM installation program provides service scripts for the RMI Registry and Application Manager,
as well as for the web portals, CDAT, and RDP applications. The command syntax is the same for all of
the service scripts:
•
scriptName -i
installs the application as a service so that it can be managed from the Services
window
•
scriptName -h
displays the command usage
•
scriptName -r
removes the application from the Services window
Table 4-1 lists the names and locations of the scripts that add and remove services for application
management.
Table 4-1
Scripts for Adding and Removing Services on Windows
Services Script Location and Name
Default Service Name
jetty\bin\appmgmtsvc.cmd
Application Management
Service Dependencies
If you select the automatic startup option for SESM applications, make sure the dependencies are set
correctly.
•
On each system that is hosting SESM applications, the RMI Registry must start before the SESM
applications.
•
The Application Manager, which may or may not be on the same system as other SESM
applications, can start before or after the applications it manages. The Application Manager picks
up newly started applications whenever you display a new window or refresh the current window, if
the configuration files include the newly started application.
Cisco Subscriber Edge Services Manager Application Management Guide
4-4
OL-3983-02
C H A P T E R
5
Using the Application Manager Operational
Scenarios
This chapter describes how to use the Subscriber Edge Services Manager (SESM) Application Manager
operational scenarios. Topics are:
•
Purpose of Operational Scenarios, page 5-1
•
Accessing the Operational Scenarios, page 5-2
•
General Instructions for Using the Operational Scenarios, page 5-4
•
Operational Scenario Descriptions, page 5-5
Purpose of Operational Scenarios
The operational scenarios offer access to the subset of attributes that are most likely to require changes
during production deployments. The scenarios present matrixes of attribute settings by application,
enabling administrators to easily compare and change the settings for the same attribute for multiple
applications of the same type.
You might want to switch to the advanced windows for the following reasons:
•
Check the status of managed applications
•
Connect to applications that were started after the Application Manager was started
•
Connect to applications that were previously unmanageable, but are now available for management
•
Change attributes that are not included on the operational scenarios
•
View monitoring (read-only) attribute values
To use the advanced windows, click the Advanced tab. For more information about the Advanced
windows, see Chapter 6, “Using the Application Manager Advanced Windows.”
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
5-1
Chapter 5
Using the Application Manager Operational Scenarios
Accessing the Operational Scenarios
Accessing the Operational Scenarios
To display the operational scenarios, follow these steps:
Step 1
Click the Configuration tab in the first row in the Application Manager window. (Figure 5-1.)
Figure 5-1
Step 2
Click the area of interest in the second row on the Application Manager window. (Figure 5-2.)
Figure 5-2
Step 3
Tabs Row
Interest Row
If a Table of Contents (TOC) appears on the left of the Application Manager window, click an item from
the TOC. (Figure 5-3.)
Figure 5-3
Scenario Table of Contents
The selected operational scenario displays. (Figure 5-4.)
Cisco Subscriber Edge Services Manager Application Management Guide
5-2
OL-3983-02
Chapter 5
Using the Application Manager Operational Scenarios
Accessing the Operational Scenarios
Figure 5-4
SESM Application Logging Scenario
Researching Applications Not Appearing on an Operational Scenario
Each operational scenario lists the currently managed applications that use the MBeans represented in
the scenario. To appear in the list on an operational scenario window, an application must be:
•
Started after the RMI registry on the application’s system was started
•
Currently running
•
Configured to be managed by the Application Manager
•
Using the MBean that the operational scenario represents
If you do not see all of the applications that you expected to see in an operational scenario, follow these
steps:
Step 1
Click the Advanced tab. The Advanced window shows the status of all applications listed in the
AdapterFactoryInit.xml file.
Step 2
If the application you are looking for is not in the list, check the AdapterFactoryInit.xml file for a
configuration error.
Step 3
If the application you are looking for is in the list with a status of Not Managed, it means that the
Application Manager is not connected to that application. Click the Connect button to attempt to connect
to it.
Step 4
If connection fails or if the application is not in the list on the Advanced window, see the
“Troubleshooting Application Manager Startup” section on page 4-2.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
5-3
Chapter 5
Using the Application Manager Operational Scenarios
General Instructions for Using the Operational Scenarios
General Instructions for Using the Operational Scenarios
This section contains general instructions for using the operational scenario windows.
Changing Attribute Values
To change an attribute value:
Step 1
Click the attribute you want to change.
Step 2
Enter or select the new value.
Step 3
Note
Step 4
•
For fields with predefined values, a small drop down box appears in the cell. Select the value you
want in the drop-down box.
•
For fields that do not have predefined values, a small string input box appears in the cell. Enter the
new value in the box.
•
For fields that are arrays or maps, a hot text link appears in the cell. Click the link to go to another
page that lists the items in the array or map, and the current settings for each field. You can create
or delete items, or change the values of fields for the existing items.
•
If an attribute field is blank, it means that the application in that row does not have a value set for
that attribute.
Press Return after you edit a value to transmit the change.
The font in a changed field turns bold. If the font of an edited field is not bold, the change was not
recognized and will not be applied.
Click Apply to make the changes take effect, or click Reset to reverse the changes you made since you
last clicked Apply.
Changing Column Widths
You can adjust the width of any attribute column by dragging the column divider line in the header.
Changing List Ordering
By default, records on the Operational Scenario windows are ordered in ascending order by application
name. You can change the ordering as follows:
•
To use a different column as the basis for record ordering, click in that column’s header.
•
To switch between ascending and descending order of values in a specific column, click the arrow
in the column’s header. The arrow’s orientation (pointing up or pointing down) indicates the current
ordering.
Cisco Subscriber Edge Services Manager Application Management Guide
5-4
OL-3983-02
Chapter 5
Using the Application Manager Operational Scenarios
Operational Scenario Descriptions
Button Operations
Table 5-1 describes the buttons on the operational scenario windows.
Table 5-1
Buttons in Operational Scenarios
Button
Explanation
Apply
Performs both of the following operations, unless the Application Manager displays a
message stating otherwise:
•
Sends the attribute changes to the running application.
•
Persists the attribute changes for future restarts by storing the changed MBean in
the application’s configuration file (for example, nwsp.xml).
The persistence (store) operation obtains the run-time value of all attributes in an
MBean, and writes over the MBean in the XML file. The write has the following effects
on the contents of the XML file:
•
Deletes any <SystemProperty> or <Property> tags used in the MBean in the
originally-installed configuration file. The Store operation is not aware of property
definitions or values assigned by the startup script.
•
Deletes comments in the MBean.
•
Includes all read-write attributes in the MBean, whereas the installed configuration
files might include only the most commonly changed attributes.
•
Deletes a <Call> tag inside a <Configure> tag. If the <Call> element sets an
attribute value, the rewritten MBean contains the attribute assignment performed in
a different way. However, if the <Call> element is performing an action other than
setting an attribute value, the action is lost. The correct way to call methods is to
use the <Action> tag.
Reset
Reverts the displayed attribute values to the current stored values being used in the
running application.
Add, Edit,
Delete
Adds, changes, or deletes items in array or map attributes
Operational Scenario Descriptions
The following operational scenarios are available in this SESM release.
•
CDAT Session—Configures session attributes for LDAP directory management sessions in CDAT.
This scenario is relevant only to the CDAT application.
•
Deployment—Configures SESM portal applications.
•
Firewalls—Configures attributes that control the display of the My Firewall page in NWSP. This
scenario is relevant only to SESM portals deployed in SPE mode.
•
Logging—Configures attributes that control logging and debugging for both the Jetty server and the
SESM applications. This scenario is relevant to all SESM applications.
•
RADIUS Dictionary—Defines new RADIUS attributes to SESM deployments. A new attribute is
any attribute not predefined in the SESM core model. This scenario is relevant only to SESM
applications that use the RADIUS Dictionary MBean (RDP, Bundled RADIUS server, and the
SESM Proxy Server).
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
5-5
Chapter 5
Using the Application Manager Operational Scenarios
Operational Scenario Descriptions
•
RDP—Configures RDP. This scenario is relevant only to the RDP application.
•
SPE—Configures the SPE MBeans. This scenario is relevant only to SESM applications that
connect to an LDAP directory using the SPE (CDAT, SESM portals running in SPE mode, and RDP).
•
SSG—Configures the client to SSG mappings that determine which SSG handles a subscriber
session if the port bundle host key feature is not being used. This scenario includes a bulk upload
feature that copies the mappings from one application into other applications. This scenario is
relevant to SESM portal applications when the port bundle host key feature is not used.
CDAT Session Operational Scenario
Table 5-2 describes the attributes in the CDAT operational scenario.
Table 5-2
CDAT Session Operational Scenario
Attribute
Explanation
queryTimeout
The timeout (in milliseconds) for queries to the LDAP directory. Changes to this
attribute value take immediate effect. A value of zero is an infinite timeout value.
Default: 0 (milliseconds)
sessionTimeout
The maximum period of inactivity allowed after logging into a CDAT directory
management session. When this time period elapses with no activity, CDAT logs
the user out. Values are in seconds. A negative value prevents the user from ever
being logged out. Changes to this attribute value take effect for subsequent
logins.
Default setting: 600 (seconds)
Deployment Operational Scenario
The Deployment tab presents a Table of Contents with the following options:
•
Web Applications—Configures the following options for the SESM portal applications:
– Single Sign On
– Auto Connect
This window also displays the portal application mode (values are RADIUS, SPE, or Demo) as a
read-only value. A change in the mode usually requires additional changes to other MBeans as well.,
and is therefore not permitted on the operation scenario window. You can use the Advanced windows
or manually edit the configuration files to change the mode. You can also override the mode setting
in the XML file at startup time with the command-line mode argument.
•
Confirmation Settings—Configures options that control whether to display a confirmation message
to the subscriber before performing a requested action:
– Account Logoff—Before logging out of a SESM session.
– Service logoff—Before disconnecting the subscriber from a service.
– Service logon—Before logging onto a service using the subscriber’s stored logon information.
– Mutex Disconnect—Before disconnecting a service in a mutually exclusive service group, when
the subscriber requests a connection to another service in the group.
Cisco Subscriber Edge Services Manager Application Management Guide
5-6
OL-3983-02
Chapter 5
Using the Application Manager Operational Scenarios
Operational Scenario Descriptions
•
Timeout Settings—Configures the following cache attributes.
– Session Cache Period
– Profile Cache Period
•
Application Memory—Displays memory attributes and provides a way to clear the Java virtual
memory for an application. This window shows two read-only attributes and one operational button:
– Free Memory—Shows available virtual memory. If subscribers attempting to log onto SESM
start receiving “Server Busy” messages, consider using the Free Memory button to create more
free memory.
– Total Memory—Shows the total Java virtual memory allocated to the application. If an
application requires frequent use of the Free Memory button, consider increasing the
application’s total memory. To increase total memory, edit the Java command at the end of the
generic startup script. The setting for Java virtual memory at installation is 64M, as shown in
the following line extracted from the generic start script on Windows:
rem Make the initial heap the same size as the maximum heap.
rem It aids the internal memory management.
"%JAVA%" -Xms64m -Xmx64m ^
– Free Memory button—Use this button to clear the application’s cache and create free memory.
Freeing memory does not affect current sessions; SESM obtains session status from SSG
whenever it needs it.
Firewalls Operational Scenario
Table 5-3 describes the attributes in the Firewalls operational scenario. See the Cisco Subscriber Edge
Services Manager Web Portal Guide for more information about these attributes.
Table 5-3
Firewalls Operational Scenario
Attribute
Explanation
Protocols
Defines firewall protocols. The list includes both the SESM predefined protocols
and the customized entries added by the deployer. You can add more customized
entries and edit or remove existing customized entries.
Applications
Defines firewall applications. The list includes both the SESM predefined
applications and the customized entries added by the deployer. You can add more
customized entries and edit or remove existing customized entries.
Display
Applications
Specifies the firewall applications that you want to display on the NWSP My
Firewall page, in the Applications/Protocols column.
The column on the left shows all of the configured applications. The column on
the right shows the applications to be displayed on the MyFirewall page.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
5-7
Chapter 5
Using the Application Manager Operational Scenarios
Operational Scenario Descriptions
Table 5-3
Firewalls Operational Scenario
Attribute
Explanation
direction
Specifies direction (in or out) for the default access control direction in the ACLs
created by SESM. See the Cisco Subscriber Edge Services Manager Web Portal
Guide for more information about created ACLs.
Value values for direction are:
•
in—Upstream, from the subscriber
•
out—Downstream, to the subscriber
All connections have a return path. A block on in also affects traffic traveling in
the opposite direction, and vice-versa. For any ACL, the choice of whether to
control the in or out direction is a matter of preference.
returnOption
Sets the return option for TCP applications. Recommended values are: permit
and default. Default refers to the Permit/Deny All Else button on the My Farewell
page.
Default: permit
Logging Operational Scenario
The Logging tab presents a Table of Contents with the following options:
•
SESM Applications—Select this option to configure the Logger MBean used by all SESM
applications. This MBean configures the application log, which records logging and debugging
messages from a SESM application. The default location and name of this log is:
application.home/logs/yyyy_mm_dd.application.log
•
Jetty Web Servers—Select this option to configure the Log MBean used by the Jetty Server. This
MBean configures the Jetty log, which records logging and debugging messages from Jetty. The
logging messages record the startup of the Jetty server and all ongoing activity, such as errors
trapped by the Jetty server and HTTP errors. The default location and name of this log is:
application.home/logs/yyyy_mm_dd.jetty.log
The application.home value is set in the application startup script.
The Logging Operational Scenario offers a quick way to turn various logging levels on and off. See
Chapter 7, “Logging and Debugging in SESM Applications,” for more information about configuring
and using log files.
Cisco Subscriber Edge Services Manager Application Management Guide
5-8
OL-3983-02
Chapter 5
Using the Application Manager Operational Scenarios
Operational Scenario Descriptions
Figure 5-5
Jetty Web Server Logging Configuration
RADIUS Dictionary Operational Scenario
The RADIUS Dictionary operational scenario provides a way to add new RADIUS attributes to a SESM
deployment. This scenario is relevant only for applications that use the RADIUS Dictionary MBean
(RDP applications and tools).
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
5-9
Chapter 5
Using the Application Manager Operational Scenarios
Operational Scenario Descriptions
Table 5-4 describes the attributes in the RADIUS Dictionary window.
Table 5-4
RADIUS Dictionary Operational Scenario
Attribute
Explanation
RADIUS Attributes An array of new attribute definitions. To define a new attribute, add a new item
to this array. The format for an item is:
name(radiusAttributeId,vendorId,vendorSubattribute,datatype)
Where:
•
name—The new attribute name.
•
radiusAttributeId—Use attribute value 26, the vendor-specific attribute.
•
vendorId—A RADIUS vendor ID.
•
vendorSubattribute—A unique number that distinguishes this attribute from
other VSAs for the same vendor.
•
datatype—One of the following values: BINARY, STRING, INTEGER,
IPADDRESS. When datatype is BINARY, the value assigned to the attribute
must be expressed as a hexadecimal string.
An example follows:
demoVSA(26,1,1,BINARY)
Other valid syntax formats are represented below:
name([[type=]26],[vendorId=]vendorId,[vendorType=]vendorType,[dataType=]
dataType)
For example:
demoVSA(type=26,vendorId=1,vendorType=1,dataType=INTEGER)
RDP Operational Scenario
Table 5-5 describes the attributes in the RDP operational scenario.
Table 5-5
RDP Operational Scenario
Attribute
Explanation
AuthAttributes
This attribute applies only when authentication is performed by SPE and you
require additional keys for subscriber authentication. The USER_NAME is
always required and should not appear in the list. RDP is installed with one
additional key, PASSWORD. Any other standard RADIUS attribute can be used
for multi-key authentication.
RADIUS
Passwords
The profile passwords are required by certain DESS profile handlers. These
passwords might be optional in your deployment. See the Cisco Subscriber Edge
Services Manager RADIUS Data Proxy Guide for more information.
Cisco Subscriber Edge Services Manager Application Management Guide
5-10
OL-3983-02
Chapter 5
Using the Application Manager Operational Scenarios
Operational Scenario Descriptions
Table 5-5
RDP Operational Scenario
Attribute
Explanation
AutoService
The service options apply only when authorization is performed by SPE. These
options control the type of service information that the DESS authorization
handler adds to authentication replies from RDP to SSG.
Group
Service
For more information about these options and the additional requirements
associated with them, see the “Service Options Description” in the Cisco
Subscriber Edge Services Manager RADIUS Data Proxy Guide.
SPE Operational Scenario
Table 5-6 describes the attributes in the SPE operational scenario.
Table 5-6
SPE Operational Scenario
Attribute
Explanation
Session Timeout
Specifies the timeout of inactive client sessions in seconds.
Default: 600
Expire Interval
Specifies the interval in seconds after which the cache attempts to expire objects.
Note
Do not set this attribute to 0. A value of 0 causes every request to go to
the directory, bypassing caching and any memory storage from a recent
request for the same object. A value of 0 degrades performance
substantially.
Default: 600
Object Timeout
Specifies the number of seconds before objects time out.
Default: 600
SSG Operational Scenario
The SSG operational scenario presents a Table of Contents with the following choices.
•
SSG Mappings—Use this scenario to configure SSG MBean attributes for SESM portals. The SSG
MBean configures the SSG communication and session handling attributes.
•
Bulk Upload of SSG Mappings—Use this scenario to upload SSG MBean attributes from an existing
file into one or more web portal configuration files.
SSG Mappings Scenario
Figure 5-6 shows the SSG Mappings window.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
5-11
Chapter 5
Using the Application Manager Operational Scenarios
Operational Scenario Descriptions
Figure 5-6
SSG Mappings
Use the SSG Mappings scenario to perform the following tasks:
•
Map specific SSGs to specific subscriber subnets—Applies only when the port bundle host key
feature is not used on the SSGs.
•
Set global attribute values for all subnets—The global values apply to all subnets.
•
Set subnet values that override the global attribute.
After configuring one application, you can use the Bulk Upload scenario to apply the configuration to
other applications. If you have multiple instances of the same SESM portal application running on the
network, it is important to configure all the SSGs the same way.
Table 5-7 describes the attributes in the SSG Mapping operational scenario.
Cisco Subscriber Edge Services Manager Application Management Guide
5-12
OL-3983-02
Chapter 5
Using the Application Manager Operational Scenarios
Operational Scenario Descriptions
Table 5-7
SSG Mappings Operational Scenario
Attribute
Subattribute
Explanation
Subnet
Attributes
To configure subnet attributes, click Configure in the Subnet Attributes column. The
window shows the subnet attribute entries that are currently defined in the SSG
MBean for the application. Use the buttons as follows:
•
Create—Adds a new subnet entry to the XML file.
•
Edit—Changes the selected subnet entry.
•
Delete—Deletes the selected subnet entry.
Subnet IP
The subnet for which you are explicitly setting a value,
overriding the globally set value.
Net Mask
The mask that can be applied to the subscriber’s
IP address to derive the subnet.
Attribute Name
The name of the attribute that you are explicitly setting
for the specified subnet. It can be any of the following
values.
•
IP—Use the attribute name “IP” to map a specific
SSG to a subnet.
In the attribute value field (see below), enter the IP
address of an SSG.
•
Any globally set attribute name—Use the global
attribute name that you want to override for the
specified subnet.
In the attribute value field, enter the override value.
Global
Attributes
Attribute Value
The value for attribute name.
RETRIES
TIMEOUTSECS
To configure global values, click Configure in the
Global Attributes column. The window shows the
global attributes that are currently defined in the SSG
MBean for the application.
PORT
Use the buttons as follows:
SEND_FRAMED_IP
SECRET
•
Create—Adds another global attribute to your
configuration.
•
Edit—Changes the value of one of the global
attributes.
•
Delete—Deletes the global attribute from your
configuration.
THROTTLE
MASK
BUNDLE_LENGTH
SESSION_LOCATION
SESSION_BRAND
MIN_LOCAL_PORT
MAX_LOCAL_PORT
Note
The following attributes are required, and must
be set either globally or locally: PORT,
SECRET, BUNDLE_LENGTH.
See the “JMX MBeans for SESM Web Portals” chapter
in the Cisco Subscriber Edge Services Manager Web
Portal Guide for more information about setting these
attributes.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
5-13
Chapter 5
Using the Application Manager Operational Scenarios
Operational Scenario Descriptions
Bulk Upload Scenario
Figure 5-7 shows the SSG Bulk Upload window.
Figure 5-7
SSG Bulk Upload Window
To perform a bulk upload, first you must prepare the file to upload. The requirements for this file are:
•
The file must contain a complete SSG MBean. The upload procedure replaces the SSG MBean for
the selected application with the SSG MBean in the referenced file. The SSG MBean starts with the
following line:
<Configure jmxname="com.cisco.sesm:name=SSG">
and ends with the following line:
</Configure>
•
The file may contain more than the SSG MBean. The extraneous information is ignored.
•
The file must be stored in a location that is accessible using a URL; that is, it must be stored under
a web server directory structure (WEB-INF).
For example, if you store the prepared file in the following location:
nwsp
webapp
WEB-INF
ssg.xml
the URL to access the file is http://nwspServer:8080/ssg.xml
Table 5-8 describes how to use the Bulk Upload operational scenario.
Table 5-8
SSG Bulk Upload Operational Scenario
Attribute
Explanation
XML File URL
Enter the URL of the file containing the SSG MBean you want to copy and apply
to another application.
Apply to Server
Select the SESM portal application that you want to configure.
Use the Apply button to import the SSG MBean from the specified XML file into
the selected application’s XML file.
Cisco Subscriber Edge Services Manager Application Management Guide
5-14
OL-3983-02
C H A P T E R
6
Using the Application Manager Advanced
Windows
This chapter describes how to use the Cisco Subscriber Edge Services Manager (SESM) Application
Manager Advanced windows. Topics are:
•
Introduction, page 6-1
•
Accessing the Advanced Windows, page 6-2
•
Buttons on the MBean Windows, page 6-5
Introduction
The Application Manager advanced windows display the current value of any attribute in any MBean in
the managed applications. The advanced windows display each application separately.
Use the advanced windows to:
•
Check the status of managed applications
•
Connect to applications that were started after the Application Manager was started
•
Connect to applications that were previously unmanageable, but are now available for management
•
Change attributes that are not included on the operational scenarios
•
View monitoring (read-only) attribute values
The Application Manager advanced windows present an interface very similar to the AgentView remote
management tool in previous SESM releases.
Note
In this release, the Advanced windows do not support updating of array types.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
6-1
Chapter 6
Using the Application Manager Advanced Windows
Accessing the Advanced Windows
Accessing the Advanced Windows
To access the advanced window for an application:
Step 1
Click the Advanced tab on the top line of the SESM Application Manager window. (See Figure 6-1.)
Figure 6-1
Advanced Tab
The next window shows all of the applications that are listed in the AdapterFactoryInit.xml file in the
Application Manager’s config directory. (See Figure 6-2.)
Figure 6-2
Advanced Window
From this window, you can:
•
Determine whether applications are currently manageable.
– If the host name is listed, the application is currently running and manageable.
– If the host name is not listed, one of the following conditions exists:
The application is not running.
The RMI Registry on the application’s host system is not running or was started after the
application was started.
The application was started after the Application Manager was started. In this case, click the
Connect button to attempt to connect to the application.
The application is not properly configured for management. See the “Troubleshooting
Application Manager Startup” section on page 4-2 for help.
•
Connect to applications that have recently become manageable.
•
Manage the application.
Cisco Subscriber Edge Services Manager Application Management Guide
6-2
OL-3983-02
Chapter 6
Using the Application Manager Advanced Windows
Accessing the Advanced Windows
Step 2
To connect or manage an application:
•
Click the radio button next to an application name to select that application
•
Click the Connect or Manage button.
– If you click Connect, and the connection fails, review the reasons listed in Step 1.
– If you click Manage, the resulting window shows all of the domains in the application and the
MBeans in each domain. See Figure 6-3.
Figure 6-3
Advanced Window List of MBeans
Step 3
Scroll down on the page until you find the MBean whose attributes you want to view.
Step 4
Click the MBean that you want to examine. The MBean names (in the left column) are hypertext links
to the MBean details.
The resulting window shows the attributes and operations in the MBean. See Figures 6-4 and 6-5.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
6-3
Chapter 6
Using the Application Manager Advanced Windows
Accessing the Advanced Windows
Figure 6-4
Directory MBean (1 of 2)
Cisco Subscriber Edge Services Manager Application Management Guide
6-4
OL-3983-02
Chapter 6
Using the Application Manager Advanced Windows
Buttons on the MBean Windows
Figure 6-5
Directory MBean (2 of 2)
Step 5
To edit an attribute, click on the attribute value and make the change.
Step 6
To make the change take effect on the running application, click Update.
Step 7
To make the change persist across restarts, click Store. You must click Update the current application
before storing the change.
Buttons on the MBean Windows
The buttons on the MBean windows represent methods defined for the class that you are viewing. You
can click any button to dynamically call the method and perform the operation on the running
application.
•
Update—Sends the attribute changes to the running application. The change takes effect
immediately on the running application unless you receive an error message stating otherwise.
•
Store—Saves the attribute changes in the appropriate configuration file (for example, nwsp.xml).
This action persists the changes for future application restarts. The Store button has the following
effects on the MBean in the configuration file:
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
6-5
Chapter 6
Using the Application Manager Advanced Windows
Buttons on the MBean Windows
– Deletes any <SystemProperty> or <Property> tags used in the MBean in the originally-installed
configuration file. The Store button saves the currently defined value of all attributes in the
MBean, regardless of how those values were derived. The Store operation is not aware of
property definitions or values assigned by the startup script.
– Deletes comments in the MBean.
– Includes all read-write attributes in the MBean, whereas the installed configuration files might
include only the most commonly changed attributes.
– Deletes a <Call> tag inside a <Configure> tag. If the <Call> element sets an attribute value, the
rewritten MBean contains the attribute assignment performed in a different way. However, if the
<Call> element is performing an action other than setting an attribute value, the action is lost.
The correct way to call methods is to use the <Action> tag
•
Note
•
Undo—Reverts the running application to the state before the last store. All store operations are
captured and can be undone, in sequential order starting with the last change first. You can reverse
a previously stored undo.
The Undo operation applies to the running application only. To save an Undo action to the
configuration files (that is, undo the changes stored in the configuration file), click Store after
clicking Undo.
Additional operations—Some MBeans have additional buttons. In most cases, the buttons represent
specialized update methods for an array or mapping element. You can use these buttons to update
elements.
Cisco Subscriber Edge Services Manager Application Management Guide
6-6
OL-3983-02
C H A P T E R
7
Logging and Debugging in SESM Applications
This chapter describes how to configure the logging and debugging mechanisms for Cisco Subscriber
Edge Services Manager (SESM) applications and the Jetty server. Topics are:
•
Log File Descriptions, page 7-1
•
MBeans for Log File Configuration, page 7-1
Log File Descriptions
The SESM log files can help troubleshoot SESM applications and deployments. By changing the
configuration of the logging and debugging mechanisms, you can change the amount of detail reported
and specify message filtering. Two of the log files have debugging mechanisms in addition to the logging
features.
•
Jetty log—Contains logging and debugging messages from Jetty. The logging messages record the
startup of the Jetty server and all ongoing activity, such as errors trapped by the Jetty server and
HTTP errors. If the SESM application fails to start, look at this log. Make sure you monitor this log
file for illegal HTTP requests that might indicate attempts to subvert the web server. If you enable
debugging, the log file also includes more detailed debugging messages.
•
Jetty HTTP Request log—Contains incoming HTTP requests. You can use this log file to analyze
volume and traffic patterns for the web server.
•
Application log—Contains logging and debugging messages from the SESM application. The
logging tool logs SESM web application activity. The debugging mechanism produces messages
useful to developers in debugging applications.
You can configure all three of these logs for each SESM portal application and for CDAT. RDP uses only
the application log.
MBeans for Log File Configuration
Table 7-1 shows the MBeans that configure the log files. The MBeans control the level of verbosity in
the logs, message filtering, debugging, file location, and file management.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
7-1
Chapter 7
Logging and Debugging in SESM Applications
MBeans for Log File Configuration
Table 7-1
Configuring the Log Files
Process
Log Type
Attribute that
MBean Name and Reference Specifies File
to More Information
Path Name
Jetty Server
Jetty log
Log MBean, page 7-2
Default Log Filename
filename
date.jetty.log
RequestLog
date.request.log
logFile
date.application.log
Debug MBean, page 7-3
Request log
SESM
Application
Server MBean, page 7-4
Application log Logger MBean, page 7-5
(includes debugging
attributes)
To change the location of a log file, change the value of the attribute listed in Table 7-1. The installed
default value for the file path name attributes is the application.home property. The value for the
application.home property is set by the start script at run time.
The installed default configuration places all log files for an application into the logs subdirectory under
the application home directory. For example:
SESMinstallDir
nwsp
logs
If the logs directory does not exist, it is created at application runtime.
Jetty Server Logging and Debugging
This section describes the MBeans that configure Jetty Server logging and debugging:
•
Log MBean, page 7-2
•
Debug MBean, page 7-3
•
Server MBean, page 7-4
Log MBean
The Log MBean enables the Jetty server debugging and logging mechanisms and configures the
information that appears in the jetty log file. Table 7-2 describes the attributes in the Log MBean.
Table 7-2
Jetty Container—Log MBean
Attribute Name
Explanation
logTimezone
Installed default: empty
logDateFormat
Controls the format of the date stamp in the log messages.
Installed default: yyyyMMdd:HHmmss.SSS
logLabels
Controls whether or not the log messages include frame details.
Installed default: false
logOneLine
Installed default: false
Cisco Subscriber Edge Services Manager Application Management Guide
7-2
OL-3983-02
Chapter 7
Logging and Debugging in SESM Applications
MBeans for Log File Configuration
Table 7-2
Jetty Container—Log MBean (continued)
Attribute Name
Explanation
logStackSize
Controls whether or not the log messages include an indication of stack depth.
Installed default: false
logStackTrace
Controls whether or not the log messages include trace information.
Installed default: false
logTags
Installed default: true
logTimeStamps
Installed default: true
append
Indicates if messages overwrite existing contents (false) or are appended to the existing file (true).
Installed default: true
retainDays
Indicates the number of days to keep an old log file before deleting it.
Installed default: 31
filename
Specifies the log filename and path, as follows:
application.home/logs/yyyy_mm_dd.jetty.log
Where:
•
application.home—A property whose value is set in the SESM start script.
•
logs—A constant. All log files appear in the logs subdirectory under the application directory.
•
yyyy_mm_dd—The year, month, and day that the file was created.
•
.jetty.log—A constant identifying the Jetty log files.
Debug MBean
The Debug MBean enables or disables the Jetty server debugging mechanism. Table 7-3 describes the
attributes in the DebugMBean.
Table 7-3
Jetty Container—Debug MBean
Attribute Name
Explanation
debug
Controls whether or not debugging messages are produced.
Installed default: false
debugPatterns
By specifying one or more patterns, you turn on a filtering mechanism that excludes any message
that does not match the pattern. The patterns are file, class, or method names. Pattern matching is
based on substring matches. For example, if you specify the pattern RADIUS, the software focuses
on RADIUS messages. To specify multiple patterns, separate the patterns using a comma.
Installed default: empty
verbose
Specifies the level of detail reported in debugging messages. The range of allowed values is 0 (no
details) to 255 (all details).
Installed default: 0
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
7-3
Chapter 7
Logging and Debugging in SESM Applications
MBeans for Log File Configuration
Table 7-3
Jetty Container—Debug MBean (continued)
Attribute Name
Explanation
suppressStack
Controls whether or not stack information is included in debug messages.
Installed default: false
suppressWarnings
Controls whether or not warning messages are included in debug messages.
Installed default: false
Server MBean
The Server MBean configures a request log, which records all incoming HTTP requests. Table 7-4
describes the attributes in the Server MBean.
Table 7-4
Jetty Container—Server MBean
Attribute Name
Explanation
RequestLog
Creates a new class with one argument, which specifies the name and location of the request log. The
installed value is:
application.home/logs/yyyy_mm_dd.request.log
Where:
retainDays
•
application.home—A property whose value is set in the SESM start script.
•
logs—A constant. All log files appear in the logs subdirectory under the application directory.
•
yyyy_mm_dd—The year, month, and day that the file was created. The installation program uses
the appropriate path name delimiter for the installation platform.
•
.request.log—A constant identifying an HTTP request file.
Indicates the number of days to keep a log file before deleting it.
Installed default: 90
Cisco Subscriber Edge Services Manager Application Management Guide
7-4
OL-3983-02
Chapter 7
Logging and Debugging in SESM Applications
MBeans for Log File Configuration
Table 7-4
Jetty Container—Server MBean (continued)
Attribute Name
Explanation
append
Indicates whether or not to append messages to an existing file or to create a new file for each
application instance.
Installed default: true
<Call
addWebApplication>
This call adds the SESM application to run on the web server. It uses five positional arguments:
1.
The first positional argument specifies the virtual host name for the web server application.
2.
The second positional argument specifies the context path for locating the web server
application. For example, / or /pathname/*.
3.
The third positional argument identifies the location of the application. The value is:
application.home/webapp
Where application.home is a system property whose value is set in the start script.
4.
The fourth positional argument identifies the location of the webdefault.xml file for this
application. The value is:
jetty.home/config/webdefault.xml
Where jetty.home is a system property whose value is set in the start script.
5.
The fifth positional argument specifies whether or not web archive (WAR) files are used. Valid
values are TRUE and FALSE.
The first three arguments define the location of the web server application.
host/context/application
The SESM start script derives the values for application.home and jetty.home from an expected
(installed) directory structure. To change these values, edit the start script.
SESM Application Logging and Debugging
This section describes the Logger MBean, which configures logging and debugging in SESM
applications.
Logger MBean
The Logger MBean configures both logging and debugging tools. The logging tool traces business events
in the SESM portal. The debugging mechanism produces messages useful to developers in debugging
applications. Table 7-5 describes the attributes in the Logger MBean.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
7-5
Chapter 7
Logging and Debugging in SESM Applications
MBeans for Log File Configuration
Table 7-5
SESM Portal Application—Logger MBean
Attribute Name
Explanation
debug
Turns debugging on or off. That is, it controls whether Log.debug calls executed by the
SESM application are displayed in the log file.
Note
Logging remains on regardless of this value. That is, all Log.trace and Log.warning calls
executed in the SESM application are written to the log file regardless of the value of the debug
attribute. To turn off logging, comment out the entire Logger MBean.
Values for this attribute are:
•
false—The application produces trace messages but not debug messages. The trace messages
record business activity performed by the SESM portal. This setting is the normal, recommended
setting for production environments. The trace messages provide important information for
diagnosing configuration problems.
•
true—The application produces trace and debug messages. This setting is intended for
development environments to debug portal code behavior. The logging of debug messages can
affect performance; hence, this setting is not recommended for production environments.
The following parameters control the contents of debug messages that the application generates:
logFrame, logStack, logThread, debugPatterns, and debugThreads.
The following parameters control the types of logging messages produced: trace and warning.
Installed default: false
debugPatterns
By specifying one or more patterns, you turn on a filtering mechanism that excludes any message that
does not match the pattern. The patterns are file, class, or method names. Pattern matching is based on
substring matches. For example, if you specify the pattern RADIUS, the software focuses on
RADIUS messages. To specify multiple patterns, separate the patterns using a comma.
Installed default: empty, which means that you receive all messages.
debugThreads
Specifies a specific thread name for which to show debugging messages. You can specify multiple
thread names, separating them using a comma. For example: 6,13,22. By default, no thread name is
specified.
Because each user interaction with the SESM web application takes place in a thread named for that
user, this parameter can be used to focus the logging trace on a specific user activity. Enter a list of
thread names separated by commas.
Installed default: empty
debugVerbosity
Specifies the level of detail in debugging messages. When the debug attribute is set to false, this
attribute is ignored. Values are MAX, MED, or LOW.
Installed default: LOW
logDateFormat
Specifies format of dates in the log file.
Installed default: yyyyMMdd:HHmmss.SSS
Cisco Subscriber Edge Services Manager Application Management Guide
7-6
OL-3983-02
Chapter 7
Logging and Debugging in SESM Applications
MBeans for Log File Configuration
Table 7-5
SESM Portal Application—Logger MBean (continued)
Attribute Name
Explanation
logFile
Specifies the filename and location for the logging (tracing) of business events performed by the
SESM application. The installed default is:
application.home/logs/yyyy_mm_dd.application.log
Where:
logFrame
•
application.home—A property whose value is set in the SESM start script.
•
logs—A constant. All log files appear in the logs subdirectory under the application directory.
•
yyyy_mm_dd —The year, month, and day that the file was created.
•
application.log—A constant identifying the application log files.
Controls whether or not to log the calling member function.
Installed default: false
logStack
Controls whether or not to log stack traces.
Installed default: false
logThread
Controls whether or not to log thread IDs. Installed default: true
logToErr
Controls whether or not to route log messages to stderr, in addition to the log file. This parameter is
useful for monitoring the SESM web application at the command line. Displaying output to stderr is
not recommended for production deployments.
Installed default: true
trace
Controls whether or not to log trace messages. These messages indicate entry and exit to code points.
Installed default: true
warning
Controls whether or not to log warning messages (nonfatal exceptions).
Installed default: true
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
7-7
Chapter 7
Logging and Debugging in SESM Applications
MBeans for Log File Configuration
SSG Connectivity
This section describes the SSG MBean, which configures the SSG connections.
SSG MBean
The SSG MBean configures the SSG connections.
Table 6
SSG MBean Attributes
Attribute Name
Explanation
SSGIPPolicy Class
The class name of the SSGIPPolicy to use to determine the SSG IP address for a session. If not set,
the identity mapping is used.
Installed default: com.cisco.sesm.ssg.DefaultSSGIPPolicy
attributeDescriptions
An array describing the SSG configuration. For example:
java.lang.String[0] = 10.52.199.172[255.255.255.252]IP=10.52.199.83
java.lang.String[1] = 0.0.0.0[0.0.0.0]THROTTLE=20
java.lang.String[2] = 0.0.0.0[0.0.0.0]TIMEOUTSECS=10
java.lang.String[3] = 0.0.0.0[0.0.0.0]SECRET=cisco
java.lang.String[4] = 0.0.0.0[0.0.0.0]MASK=255.255.255.255
java.lang.String[5] = 0.0.0.0[0.0.0.0]BUNDLE_LENGTH=0
java.lang.String[6] = 0.0.0.0[0.0.0.0]SEND_FRAMED_IP=false
java.lang.String[7] = 0.0.0.0[0.0.0.0]PORT=1812
java.lang.String[8] = 0.0.0.0[0.0.0.0]RETRIES=3
attributes
The attributes used internally by the persistence mechanism. For example:
Type Not Supported: [{10.52.199.172[255.255.255.252]={IP=10.52.199.83},
0.0.0.0[0.0.0.0]={THROTTLE=20, TIMEOUTSECS=10, SECRET=cisco, MASK=255.255.255.255,
BUNDLE_LENGTH=0, SEND_FRAMED_IP=false, PORT=1812, RETRIES=3}}]
generateMessageAuth
enticators
Boolean type True or False. If True, message authenticators are generated for all requests according
to RFC2689.
maxSSGs
The maximum number of SSGs that will be cached. This value is an integer.
numCloses
The total number of connections that have been closed. This value is an integer.
numExceptions
The total number IO exceptions handled during all requests. This value is an integer.
numOpens
The total number of connections that have been opened. This value is an integer.
numRejects
The total number of Access Rejects received. This value is an integer.
numRequests
The total number of requests made. This value is an integer.
numSSGs
The number of SSGs in the cache. This value is an integer.
numTimeouts
The total number of requests that have timed out. This value is an integer.
statistics
View the value of statistics.
throttle
The default maximum number of simultaneous requests allowed to an SSG. This value is an integer.
Cisco Subscriber Edge Services Manager Application Management Guide
7-8
OL-3983-02
A P P E N D I X
A
Manually Editing MBean Configuration Files
This appendix describes the Cisco Subscriber Edge Services Manager (SESM) MBean configuration file
format and how to manually edit the files. Topics are:
•
Restarting Applications after Editing, page A-1
•
MBean Configuration Files, page A-1
•
MBean Configuration File Format, page A-1
•
SystemProperty and Property Tags in Configuration Files, page A-4
Restarting Applications after Editing
If you change configuration values by directly editing the configuration files, you must stop and restart
the SESM application and its Jetty server before the changes take effect. If you deployed SESM in
SPE mode, you also must stop and restart RDP.
MBean Configuration Files
The MBean configuration files are XML files in a format defined in xmlconfig.dtd, a Cisco DTD. These
files set configurable attributes in SESM. The SESM installation program assigns values for all of the
key attributes in these files, using a combination of default values and values you provide during the
install.
MBean Configuration File Format
This section summarizes the MBean file format Mdefined in xmlconfig.dtd. The purpose of this
summary is to provide enough information for you to easily edit the configuration files.
Use the following example as a reference while reading the format guidelines that follow. The example
configures the Logger, Version, and ManagementConsole MBeans for SESM portals.
<XmlConfig>
<!-- ================================================================ -->
<Instantiate order="1"
class="com.cisco.sesm.jmx.LoggerMBean"
jmxname="com.cisco.sesm:name=Logger"/>
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
A-1
Appendix A
Manually Editing MBean Configuration Files
MBean Configuration File Format
<Instantiate order="5"
class="com.cisco.sesm.jmx.VersionMBean"
jmxname="com.cisco.sesm.jmx:name=Version" />
<Instantiate order="99"
class="com.cisco.sesm.jmx.AgentView"
jmxname="com.cisco.sesm:name=ManagementConsole"/>
<!-- ================================================================ -->
<Configure jmxname="com.cisco.sesm:name=Logger">
<Set name="debug" type="boolean">false</Set>
<Set name="debugPatterns"></Set>
<Set name="debugThreads"></Set>
<Set name="debugVerbosity">LOW</Set>
<Set name="logDateFormat">yyyyMMdd:HHmmss.SSS</Set>
<Set name="logFile"><Property name="application.home"
default="."/>/logs/yyyy_mm_dd.application.log</Set>
<Set name="logFrame" type="boolean">false</Set>
<Set name="logThread" type="boolean">false</Set>
<Set name="logStack" type="boolean">false</Set>
<Set name="logToErr" type="boolean">false</Set>
<Set name="trace"
type="boolean">true</Set>
<Set name="warning"
type="boolean">true</Set>
</Configure>
<!-- ================================================================ -->
<Action jmxname="com.cisco.sesm:name=ManagementConsole">
<Call name="start"/>
</Action>
<!-- ================================================================ -->
<Configure jmxname="com.cisco.sesm.jmx:name=Version">
<Set name="verbose" type="boolean">false</Set>
</Configure>
<!-- ================================================================ -->
<Configure jmxname="com.cisco.sesm:name=ManagementConsole">
<Set name="port" type="int"><Property name="management.portno" default="8180"/></Set>
<Set name="authInfo">
<Array class="com.sun.jdmk.comm.AuthInfo">
<Item>
<New class="com.sun.jdmk.comm.AuthInfo">
<Set name="password">MgmtPassword</Set>
<Set name="login">MgmtUser</Set>
</New>
</Item>
</Array>
</Set>
</Configure>
The following guidelines explain the basic format of the MBean configuration files.
•
The MBean configuration file contains a single <XmlConfig> element containing one or more
<Instantiate>, <Configure>, and <Action> elements.
•
An <Instantiate order = x> element causes the ConfigAgent to construct and initialize the named
MBean or class of MBeans.
The value assigned to the order attribute controls the order in which objects are initialized by the
ConfigAgent. The lowest value is initialized first and the highest value is initialized last. For
example, in the nwsp.xml file, the logger MBean uses the value 1, to ensure that it is initialized first.
Cisco Subscriber Edge Services Manager Application Management Guide
A-2
OL-3983-02
Appendix A
Manually Editing MBean Configuration Files
MBean Configuration File Format
After being initialized, an MBean registers itself with the MBean server. When ConfigAgent detects
the newly registered object, it then configures the object.
•
An <Action> element calls methods on an MBean.
•
Each <Configure> element describes the configuration for either:
– A single MBean, identified with the name attribute
– A class of MBeans, identified with the class attribute
ConfigAgent can match a registered MBean by both class and name.
•
The <Set> tag within a <Configure> element identifies an MBean attribute. The format for
the <Set> tag is:
<set name=”attributeName” [type=”dataType”]>value</set>
Where:
attributeName is the MBean parameter name whose value is being set. Do not change any
attributeName.
dataType is the required data type of the value you specify. Do not change dataType unless the
change is related to application development. The dataType can be: none (which defaults to string),
string, int, boolean, URL, an Array element, a Map element, or a New element.
value is the attribute value. You can edit the value, making sure that the value you provide conforms
to the data type specified.
•
The <Call> tag calls a method defined within the class or the object’s class. If the method expects
arguments, they are specified within the call tag as well.
Any <Call> tag inside a <Configure> tag disappears if you persist the MBean with the remote
management tool. If the <Call> element is setting an attribute value, the rewritten MBean contains
the attribute assignment performed in a different way. However, if the <Call> element was used to
perform an action other than setting an attribute value, the action is lost. The correct way to call
methods is to use the <Action> tag.
•
The <Arg> tag inside a call tag can be set to any of the following:
– Literal values.
– Objects that are created by a New element or returned by a Call element. Call and New elements
might contain Set, Put, Call, Array, or Map elements after any Arg elements. These nested
elements are applied to the created or returned object.
•
The <Action> tag calls a method defined within the class.
•
A <SystemProperty> or <Property> tag might appear inside a <Set> or <Call> tag.
Note
The default values assigned in these tags are not used if a value is assigned in the start script.
You must remove any use of the setting in the apppropriate startup script for the default values
in the configuration files to take effect. See the section “SystemProperty and Property Tags in
Configuration Files” section for more information.
Cisco ConfigAgent performs the following management functions for MBeans.
•
Constructs and initializes an MBean—The <Instantiate> tag causes ConfigAgent to construct and
initialize an MBean. Most MBeans are initialized by other objects (for example, other MBeans) and
not by ConfigAgent.
After initialization, an MBean registers with the JMX server.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
A-3
Appendix A
Manually Editing MBean Configuration Files
SystemProperty and Property Tags in Configuration Files
•
Configures an MBean—The <Configure> tag causes ConfigAgent to configure an MBean.
ConfigAgent can configure existing MBeans and MBeans that are registered later. ConfigAgent
configures an MBean if there is a matching entry in the XML file for that MBean. The <Set> tag
sets attribute values for the MBean.
•
Performs actions on an MBean—The <Action> tag causes ConfigAgent to perform the specified
action. For example, ConfigAgent can start an MBean.
SystemProperty and Property Tags in Configuration Files
The installed MBean configuration files use <SystemProperty> and <Property> tags as the value for
some attributes. Both tags use the features of a Java system property. The difference between the two
tags is:
Note
•
SystemProperty tags—The property value applies to the Java virtual machine (VM). All applications
running in the same container are configured to use the same value.
•
Property tags—The property value applies to the name space of an application. Multiple
applications running in the same VM can use properties of the same name but configured with
different values.
If you use the Store button in the SESM remote management tool to persist a change to an MBean
attribute, any <SystemProperty> and <Property> tags in that MBean are written over. The Store button
saves the currently defined value of all attributes in the MBean, regardless of how those values were
derived. The management tool does not know about properties in the configuration file, nor does it know
about values defined in startup scripts.
The value of a property is set as follows:
1.
You can specify a value on the command line at run time. The command line value overrides all other
values. The -D argument to the java command defines the value of a property. For example:
startNWSP.sh -jvm -DpropertyName=value
2.
You can specify a value in the start script using the -D option to the java command. For example,
the following lines from the installed start script (START.sh or START.cmd) assigns values to some
properties.
$JAVA $SERVER -Xms64m -Xmx64m \
-classpath $CLASSPATH \
-Dinstall.root=$INSTALLDIR \
-Djetty.home=$JETTYDIR \
-Dapplication.home=$APPDIR \
-Dapplication.portno=$PORTNO \
-Dapplication.ssl.portno=$SSLPORTNO \
-Dmanagement.portno=$MGMTPORTNO \
3.
If a value is not specified by either of the above methods at application run time, the application uses
a default value specified in the MBean configuration file, in the <SystemProperty> or <Property>
tag.
Cisco Subscriber Edge Services Manager Application Management Guide
A-4
OL-3983-02
A P P E N D I X
B
Using the SESM Agent View Tool
This appendix describes how to remotely manage Cisco Subscriber Edge Services Manager (SESM)
applications using the SESM Agent View tool. Topics in this appendix are:
Note
•
SESM Agent View Overview, page B-1
•
Accessing an Application’s Agent View, page B-2
•
Using the Agent View, page B-5
•
Using the MBean View, page B-6
•
Monitoring an Application, page B-10
The recommended application management tool for this SESM release is the Application Manager. This
release includes the Agent View tool to provide convenience and continuity during migrations from
previous releases. The SESM Agent View tool will be discontinued in a future SESM release.
SESM Agent View Overview
The SESM Agent View tool provides a way to monitor and change the attributes in a running SESM
application. It also provides a way to optionally store changes in the application configuration files, so
that the changes persist across restarts. Figure B-1 summarizes how to access the Agent View and the
tasks you can perform.
Note
The SESM Agent View is an adaptation of the Management Console provided by the HTML adaptor
server, which is included with the Sun example JMX server. The Cisco adaptations add persistence
features to the server.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
B-1
Appendix B
Using the SESM Agent View Tool
Accessing an Application’s Agent View
Figure B-1
1
Agent View Summary
CDAT Main
Window
Web Browser
Hypertext links
HTTP URL
2
Application
Agent View
3
MBean View
4
1
Application configuration changes
Undo stored changes
Store attribute changes
Running
Application
MBean
Configuration
file
(NWSP)
(nwsp/config/nwsp.xml)
76301
(HTTP://server:ManagementConsolePort)
Each SESM application has a management console, known as the Agent View. You can access an application’s Agent
View in two ways:
•
Click a link configured on the CDAT main window—It is convenient to access the Agent Views for all of the SESM
applications from one list of links. You must configure the links in the CDAT configuration file.
•
Enter the URL for the application’s management console in a web browser.
2
An application’s Agent View lists all of the MBeans in the running application. From the Agent View, you can access
MBean Views.
3
An MBean View provides access to all of the attributes in the MBean.
4
From the MBean View, you can perform the following actions on attribute values:
•
View current attribute values for the running application.
•
Apply changes to most Read/Write attributes. Applied changes take immediate effect on the running application.
•
Store changes in the application’s configuration file. Stored changes persist for future restarts of the application.
Undo (revert) changes sequentially from the most recent store to the first store made in the session. The Undo action only
affects the running application, even though it undoes the stored changes. To persist an undo, you must store the change.
Accessing an Application’s Agent View
This section describes how to configure, start, and access an Agent View. Topics are:
•
Configuring the ManagementConsole MBean, page B-3
•
Starting and Removing the Management Console, page B-3
•
URLs for Accessing Agent Views, page B-4
•
Using the CDAT Main Window to Access Agent Views, page B-4
Cisco Subscriber Edge Services Manager Application Management Guide
B-2
OL-3983-02
Appendix B
Using the SESM Agent View Tool
Accessing an Application’s Agent View
Configuring the ManagementConsole MBean
All of the SESM applications include the ManagementConsole MBean, which configures and starts an
Agent View for the application. Table B-1 describes the attributes in the ManagementConsole MBean.
Table B-1
SESM Portal Application—ManagementConsole MBean
Attribute Name
Explanation
Port
Specifies the management console port for this application.
In the installed configuration files, the port value is a system property named:
management.portno
All of the installed startup scripts set this system property to the following value:
application.portno + 100
For example, if the application.portno is 8080, the management.portno is 8180.
This runtime setting overrides any value you enter in the configuration file. To change the value of this
attribute, edit the start script.
AuthInfo
AuthInfo provides a level of access control on the Management Console. When a user attempts to
access the management console port from a web browser, a logon window appears. The user must enter
a user ID and password that matches values specified in AuthInfo.
Each application has a ManagementConsole MBean that configures the login values for that
application’s management console. You can configure different user IDs and passwords for each
application or use the same values for all applications.
You can specify multiple sets of AuthInfo information to allow multiple users access to a management
console.
The AuthInfo array has two elements:
1.
User ID—Enter a user ID that you want to have access to the management console. The default
value in all of the MBean configuration files is MgmtUser.
2.
Password—Enter a password that will be required to access the management console. The default
value in all of the MBean configuration files is MgmtPassword.
You can add, change, and delete AuthInfo values in the configuration files or on the management
console.
Note
If you use the management console to change or delete the user ID or password that you used
to log on to the console, the console redisplays the logon prompts. You must log in again using
the new authentication values.
Starting and Removing the Management Console
All of the SESM applications are configured to start a management console on application startup.
If you do not want to start a management console for an application, comment out the following lines in
the application’s MBean configuration file:
<Action jmxname="com.cisco.sesm:name=ManagementConsole">
<Call name="start"/>
</Action>
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
B-3
Appendix B
Using the SESM Agent View Tool
Accessing an Application’s Agent View
URLs for Accessing Agent Views
You can access an Agent View by typing its URL in the address field of a web browser.
The URL for accessing the Agent View must include the name of the host on which the application is
running and the configured management console port number (for example, the value for
management.portno). An example URL for the NWSP Agent View is:
http://server1:8180
Using the CDAT Main Window to Access Agent Views
The CDAT main window can provide a convenient way to access Agent Views. You can add links to the
Agent Views for all of the SESM applications that you want to manage. To add links or change the URLs
behind the links, edit the links attribute in the MainServlet MBean in the CDAT application’s
configuration file. See the Cisco Distributed Administration Tool Guide for information about the links
attribute.
Note
This installation program in this SESM release does not add Agent View links to the CDAT Main
window. The Agent View links are replaced with a link to the SESM Application Management
application.
Figure B-2 shows an example CDAT main window with links to various Agent View URLs.
Figure B-2
CDAT Main Window
Cisco Subscriber Edge Services Manager Application Management Guide
B-4
OL-3983-02
Appendix B
Using the SESM Agent View Tool
Using the Agent View
To use the CDAT main window to access an Agent View, follow these procedures:
Step 1
Start CDAT. The CDAT startup script is located in:
jetty
bin
startCDAT
Step 2
Open a web browser.
Step 3
Direct the browser to the CDAT main window. (See Figure B-2.)
The URL for accessing CDAT must include the server name where the CDAT is running and the
configured CDAT port. The default port used by the installation program is 8081. An example URL for
the CDAT main window is:
http://server1:8081
Step 4
Click the hot text for the link that you want to access.
Using the Agent View
The Agent View displays the MBeans in a running application. Figure B-3 shows the Agent View for a
NWSP application running in SPE mode.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
B-5
Appendix B
Using the SESM Agent View Tool
Using the MBean View
Figure B-3
Agent View
Table B-2 explains the actions you can perform from the AgentView.
Table B-2
Actions from the Agent View
Name
Description
Admin button
Click the Admin button at the top of the window to add a new MBean to
the application.
Note
MBean links
You should not need to add new MBeans to installed applications.
Click an MBean in the list to navigate to the MBean View.
Using the MBean View
The MBean View displays the attributes in an MBean. Figures B-4 and B-5 show the MBean View for
the WebApp MBean in NWSP. Table B-3, which follows the figures, explains the numbered callouts in
these figures.
Cisco Subscriber Edge Services Manager Application Management Guide
B-6
OL-3983-02
Appendix B
Using the SESM Agent View Tool
Using the MBean View
Figure B-4
MBean View—Top Portion
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
B-7
Appendix B
Using the SESM Agent View Tool
Using the MBean View
Figure B-5
Table B-3
MBean View—Bottom Portion
Actions from the MBean View
Figure
Key
Name
Description
1
A reload obtains new information from the application and reloads the page.
Reload interval
Reload button
2
Unregister button
•
The reload interval specifies the number of seconds between automatic reloads. You can
change the reload interval here. The change takes effect immediately.
•
If the reload interval is 0 (the default), use the Reload button to manually reload the view.
Makes the MBean inaccessible to the running application. Do not use this button.
Cisco Subscriber Edge Services Manager Application Management Guide
B-8
OL-3983-02
Appendix B
Using the SESM Agent View Tool
Using the MBean View
Table B-3
Actions from the MBean View (continued)
Figure
Key
Name
Description
3
Lists all of the attributes in the MBean. From this section, you can:
MBean attributes
•
Display a short description of the attribute—Click the attribute name. For more detail
about any attribute, see the appropriate chapter in this manual.
•
Change the value of read-write attributes
•
Monitor metrics (read-only attributes)
To change an attribute value, do one of the following, depending on the attribute type:
•
Integers and strings—Type the attribute value in the Value column.
•
Booleans—Choose the desired radio button.
•
Arrays:
– If the Value column contains the phrase “Type Not Supported”—Choose one of the
buttons from the MBean Operations section.
– If the Value column contains a hypertext link over the phrase “view the values of
attribute”—Click the link, which opens another page that lists the array elements and
current values. Use the appropriate operation in the MBean Operations section to add
or change element values.
4
Apply button
Sends the attribute changes to the running application. The change takes effect immediately
on the running application unless you receive an error message stating otherwise.
5
MBean operations
Lists operations that you can perform against the MBean. The list is different for each MBean.
However, all MBeans include the Store and Undo operations, described below.
6
Undo button
Reverts the running application to the state before the last store. All store operations are
captured and can be undone, in sequential order starting with the last change first. You can
reverse a previously stored undo. Table B-4 shows how the Undo operation works.
Note
7
Store button
The Undo operation applies to the running application only. To save an Undo action
to the configuration files (that is, undo the changes stored in the configuration file),
click the Store button again.
Saves the attribute changes in the appropriate configuration file (for example, nwsp.xml). This
action persists the changes for future application restarts. The Store button has the following
effects on the MBean in the configuration file:
•
Deletes any <SystemProperty> or <Property> tags used in the MBean in the
originally-installed configuration file. The Store button saves the currently defined value
of all attributes in the MBean, regardless of how those values were derived. The Store
operation is not aware of property definitions or values assigned by the startup script.
•
Deletes comments in the MBean.
•
Includes all read-write attributes in the MBean, whereas the installed configuration files
might include only the most commonly changed attributes.
•
Deletes a <Call> tag inside a <Configure> tag. If the <Call> element sets an attribute
value, the rewritten MBean contains the attribute assignment performed in a different
way. However, if the <Call> element performs an action other than setting an attribute
value, the action is lost. The correct way to call methods is to use the <Action> tag.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
B-9
Appendix B
Using the SESM Agent View Tool
Monitoring an Application
Table B-4
Sequential Store and Undo Operations
Action
Attribute Value in the
Running Application
Attribute Value in the
Configuration File
Startup
5
5
Change the value to 10 in the MBean View
5
5
Apply the change
10
5
Store the change
10
10
Undo
5
10
Store
5
5
Monitoring an Application
The SESM application MBeans include read-only attributes that provide activity, performance and
memory metrics. You can monitor these metrics from the same MBean View that you use to change the
values of read-write attributes.
Some useful monitoring features on the MBean View are:
•
Reload period—Set an automatic refresh rate by changing the reload period. The browser
automatically refreshes the attributes values at the rate specified by the reload period. The default
reload period is 0, which turns off the automatic refresh feature.
•
Reload button—If you do not set an automatic reload period, you can refresh the read-only values
at any time by clicking the Reload button.
Figure B-6 shows metrics in the SESM MBean in the NWSP application.
Cisco Subscriber Edge Services Manager Application Management Guide
B-10
OL-3983-02
Appendix B
Using the SESM Agent View Tool
Monitoring an Application
Figure B-6
Metrics in the SESM MBean in the NWSP Application
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
B-11
Appendix B
Using the SESM Agent View Tool
Monitoring an Application
Cisco Subscriber Edge Services Manager Application Management Guide
B-12
OL-3983-02
A P P E N D I X
C
Application Manager MBeans
This appendix describes the MBeans that are configurable using the Application Manager. Topics in this
appendix are:
•
Configuring Application MBeans, page C-13
•
Generic MBeans, page C-14
•
Application Management MBeans, page C-15
•
RADIUS Data Proxy MBeans, page C-16
•
Captive Portal MBeans, page C-18
•
Web Application (NWSP) MBeans, page C-20
•
Message Portal MBeans, page C-22
•
Web Services Gateway MBeans, page C-24
•
CDAT MBeans, page C-26
•
DNS Proxy MBeans, page C-27
Configuring Application MBeans
Each SESM application exposes a series of MBeans that can be viewed and modified using the
Application Manager. You can configure the MBeans to modify the functionality of the application, such
as logging options, connectivity parameters, and displaying statistics.
To configure an application using MBeans in the Application Manager, use the following procedure:
Step 1
In the CDAT Application Manager window, select Advanced.
A new window displays all the currently running applications.
Step 2
Select the application you want to configure and click manage.
A new window displays all the MBeans associated with the selected application. The MBeans are
grouped into domains, for example, JMImplementation, com.cisco.sesm and org.mortbay.jetty.
Step 3
Select an MBean to modify.
A new window displays all the attributes that can be modified for the selected MBean.
Step 4
Modify the MBean attributes.
Modify each MBean attribute with the appropriate type, as provided in the description.
This appendix lists the domains and MBeans for all the SESM applications.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
C-13
Appendix C
Application Manager MBeans
Generic MBeans
Generic MBeans
JMImplementation
Attribute
Description
type=MBeanServerDelegate
Provides information on the management interface of the MBean.
com.cisco.sesm.ignore
Attribute
Description
name=ManagementAdaptor
HtmlAdaptorServer class: Provides a management interface of an agent
to Web browser clients.
com.cisco.sesm.jmx
Attribute
Description
name=version
Gets the package versions of the various system jars.
Adaptor
Attribute
Description
protocol=JRMP
Provides information on the management interface of the
MBean. For example, JRMP = Adaptor MBean used to
allow the server to talk RMI over JRMP.
interceptor=invoker,protocol=J
RMP
Provides information on the management interface of the
MBean. For example, created by the JRMP Adaptor
MBean.
Cisco Subscriber Edge Services Manager Application Management Guide
C-14
OL-3983-02
Appendix C
Application Manager MBeans
Application Management MBeans
Application Management MBeans
com.cisco.sesm
MBean
Description
agent=configuration
Configuration agent MBean. This object observes JMX registration
events looking for objects known to it. If a known object registers, then
the configuration agent attempts to use it's MBean interface to push a
configuration at the new MBean.
name=Login
Login MBean. Allows you to configure login parameters.
name=Logger
Logger MBean. Allows you to configure the log, trace, and debug
mechanisms.
name=ManagementConsole
ManagementConsole MBean. Allows you to configure the AgentView
MBean.
org.mortbay.jetty
MBean
Description
Debug=0
Debugging and Defensive programming support.
NCSARequestLog=0,Server=0,name=Jetty
HTTP Request logger providing the normal or
extended NCSA format.
OutputStreamLogSink=0,name=Log
A LogSink that writes messages to a OutputStream
or File.
Server=0,name=Jetty
Jetty HTTP Server and Servlet container.
name=Log
The org.mortbay.util.Log logging service. This
object allows LogSink instances to be added.
MBeans for the LogSinks are created by this object.
Server=0,WebApplicationContext=0,context=/, A J2EE Web application extension of
name=Jetty
ServletHttpContext. Changes made to this MBean
are not persisted.
SESMSocketListener=0,Server=0,name=Jetty
com.cisco.sesm.jetty.SESMSocketListener.
SESMSSLListener=0,Server=0,name=Jetty
com.cisco.sesm.jetty.SESMSSLListenercom
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
C-15
Appendix C
Application Manager MBeans
RADIUS Data Proxy MBeans
RADIUS Data Proxy MBeans
com.cisco.sesm
MBean
Description
RADIUSDictionary=0
RADIUSDictionary MBean. Allows RADIUS Dictionary style
access to the RADIUSAttributes.
agent=Configuration
Configuration agent MBean. This object observes JMX
registration events looking for objects known to it. If a known
object registers, then the configuration agent attempts to use it's
MBean interface to push a configuration at the new MBean.
name=Directory
Directory MBean. Allows you to configure the directory server.
name=Directory,type=Connection Primary connection MBean. Allows you to configure the primary
,instance=Primary
connection to the directory server.
name=Directory,type=Connection Secondary connection MBean. Allows you to configure the
,instance=Secondary
secondary connection to the directory server.
name=Logger
Logger MBean. Allows you to configure the log, trace, and debug
mechanisms.
name=ManagementConsole
ManagementConsole MBean. Allows you to configure the
AgentView MBean.
name=RDP
Extensible Request Proxy MBean. Provides extensible mapping
of request listeners to request handlers.
name=RDP,AAA=AddAVsFilter
ERP filter MBean. Provides an ERPFilter to add RADIUS AVs to
a response.
name=RDP,AUTHENTICATION
=DESSAuthenticationHandler
DESSAuthenticationHandler MBean. An AAA Handler using the
DESS library for LDAP authentication.
name=RDP,AUTHORIZATION=
DESSAuthorizationFilter
DESSAuthorizationFilter MBean. Filter to add authorization
information using the DESS library.
name=RDP,DOMAINPROXY=D
omainHandler
Generic ERP Handler MBean. Provides configuration of handler
for domain based proxying.
name=RDP,GROUP-PROFILE=
DESSGroupProfileHandler
DESSGroupProfileHandler MBean. Handler for Group profile
requests backed by DESS.
name=RDP,LOCAL=AaaHandler AAA Handler Mbean. Provides local flat file handler
configuration.
name=RDP,NEXTHOP-PROFIL
E=DESSNextHopProfileHandler
Handler for NextHop profile requests backed by DESS.
name=RDP,SERVICE-PROFILE
=DESSServiceProfileHandler
Handler for Service profile requests backed by DESS.
name=RDP,PROXY=ProxyHandl RADIUS Proxy MBean. Provides configuration of RADIUS
er
Proxy handler.
name=RDP,PROXY=ProxyHandl RADIUSClientSocket MBean. Provides the RADIUS Client
er,component=RADIUSClientSoc Socket.
ket
Cisco Subscriber Edge Services Manager Application Management Guide
C-16
OL-3983-02
Appendix C
Application Manager MBeans
RADIUS Data Proxy MBeans
MBean
Description
name=RDP,RADIUSListener=AC ERP listener MBean. Provides an ERPListener for RADIUS
COUNTING
requests.
name=RDP,RADIUSListener=AC RADIUSServerSocket MBean. Provides RADIUS Server Socket
COUNTING,
configuration for accounting.
component=RADIUSServerSock
et,
name=RDP,RADIUSListener=AC ThreadPool MBean. Provides the ThreadPool settings for the
COUNTING,
accounting listener.
component=ThreadPool
name=RDP,RADIUSListener=A
UTH
ERP listener MBean. Provides an ERPListener for Auth
(authentication and authorization) requests.
name=RDP,RADIUSListener=A RADIUSServerSocket MBean. Provides the RADIUS server
UTH,component=RADIUSServer socket for the auth listener.
Socket
name=RDP,RADIUSListener=A
UTH,component=ThreadPool
ThreadPool MBean. Provides ThreadPool settings for the auth
listener.
name=RDP,RDP=RDPHandler
RDPHandler MBean. Provides the initial ERP handler for the
RDP. Select between AAA and Profile requests.
name=RDP,PROFILE=DESSProf DESSProfileHandler MBean. Handler for Profile request backed
ileHandler
by DESS. Uses the ObjectClass to select a the actual Profile
Handler.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
C-17
Appendix C
Application Manager MBeans
Captive Portal MBeans
Captive Portal MBeans
com.cisco.sesm
MBean
Description
name=Directory,type=Connection,
instance=Primary
Primary connection MBean. Allows you to configure the
primary connection to the LDAP directory server.
agent=Configuration
Configuration agent MBean. This object observes JMX
registration events looking for objects known to it. If a known
object registers, then the configuration agent attempts to use it's
MBean interface to push a configuration at the new MBean.
name=ExtensionSpecification
Extension Specification MBean. Allows you to configure an
extension specification holding an extension and, optionally, a
provider. Examples of extensions are Authentication,
Authorization, ServiceConnection and ServiceProfile.
Examples of providers are com.cisco.sesm.spis.demo,
com.cisco.sesm.spis.radius and com.cisco.sesm.spis.dess.
name=WebApp
Web applications MBean. In the case of Captive Portal, this
MBean is used to configure dimension data so as to map
locations to location URLs.
name=Directory,type=Connection,in Secondary connection MBean. Allows you to configure the
stance=Secondary
secondary connection to the LDAP directory server.
name=Directory
Directory MBean. Allows you to configure the LDAP directory
server.
name=Extension
Extension MBean. Allows you to configure extension
specifications and the default provider.
name=SSG
SSG MBean. Allows you to perform configuration of the SSG
connections.
name=Logger
Logger MBean. Allows you to configure the log, trace, and
debug mechanisms.
name=Version
Version MBean. Allows you to get the package version of the
jar file for the SESM model.
name=captiveportal
Web application to redirect requests due to TCP-redirection
from the edge device.
name=SESM
SESM MBean. Allows you to configure settings and to view
statistics for the SESM model.
name=ManagementConsole
ManagementConsole MBean. Allows you to configure the
AgentView MBean.
name=JNDI
JNDI naming server MBean. Allows you to perform JNDI
naming server configuration for storing and retrieving
extensions.
name=Location
Location MBean. Allows you to define a set of Locations. A
Location is defined by a set of identifiers: Client IP address,
VPI and sub-interface. For example, the application can use the
location of a session to change its look and feel.
Cisco Subscriber Edge Services Manager Application Management Guide
C-18
OL-3983-02
Appendix C
Application Manager MBeans
Captive Portal MBeans
org.mortbay.jetty
MBean
Description
SESMSocketListener=5,Server=0,na com.cisco.sesm.jetty.SESMSocketListener
me=Jetty
Debug=0
Debugging and Defensive programming support.
SESMSocketListener=6,Server=0,na com.cisco.sesm.jetty.SESMSocketListener
me=Jetty
SESMSocketListener=2,Server=0,na com.cisco.sesm.jetty.SESMSocketListener
me=Jetty
NCSARequestLog=0,Server=0,name HTTP Request logger providing the normal or extended NCSA
=Jetty
format.
OutputStreamLogSink=0,name=Log A LogSink that writes messages to a OutputStream or File.
SESMSocketListener=3,Server=0,na com.cisco.sesm.jetty.SESMSocketListener
me=Jetty
SESMSocketListener=7,Server=0,na com.cisco.sesm.jetty.SESMSocketListener
me=Jetty
SESMSSLListener=0,Server=0,nam
e=Jetty
com.cisco.sesm.jetty.SESMSSLListener
Server=0,WebApplicationContext=0 A J2EE Web application extension of ServletHttpContext.
,context=/,name=Jetty
Changes made to this MBean are not persisted.
SESMSocketListener=1,Server=0,na com.cisco.sesm.jetty.SESMSocketListener
me=Jetty
Server=0,name=Jetty
Jetty HTTP Server and Servlet container.
name=Log
The org.mortbay.util.Log logging service. This object allows
LogSink instances to be added. MBeans for the LogSinks are
created by this object.
SESMSocketListener=4,Server=0,na com.cisco.sesm.jetty.SESMSocketListener
me=Jetty
SESMSocketListener=0,Server=0,na com.cisco.sesm.jetty.SESMSocketListener
me=Jetty
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
C-19
Appendix C
Application Manager MBeans
Web Application (NWSP) MBeans
Web Application (NWSP) MBeans
com.cisco.sesm
MBean
Description
name=Directory,type=Connection,instan
ce=Primary
Primary connection MBean. Allows you to configure the
primary connection to the LDAP directory server.
agent=Configuration
Configuration agent MBean. This object observes JMX
registration events looking for objects known to it. If a
known object registers, then the configuration agent
attempts to use it's MBean interface to push a configuration
at the new MBean.
name=ExtensionSpecification
Extension Specification MBean. Allows you to configure
an extension specification holding an extension and,
optionally, a provider. Examples of extensions are
Authentication, Authorization, ServiceConnection and
ServiceProfile. Examples of providers are
com.cisco.sesm.spis.demo, com.cisco.sesm.spis.radius and
com.cisco.sesm.spis.dess.
name=WebApp
Web applications MBean. Allows you to configure
different aspects of the behavior of the web applications.
name=Directory
Directory MBean. Allows you to configure the LDAP
directory server.
name=Directory,type=Connection,instan
ce=Secondary
Secondary connection MBean. Allows you to configure the
secondary connection to the LDAP directory server.
name=DESSMode
DESS mode MBean. Allows you to configure the naming
used for the LDAP directory as well as the Token Check
Interval. In addition, this MBean allows you to display the
current, total and maximum number of sessions.
name=Extension
Extension MBean. Allows you to configure extension
specifications and the default provider.
name=SSG
SSG MBean. Allows you to perform configuration of the
SSG connections.
name=Logger
Logger MBean. Allows you to configure the log, trace, and
debug mechanisms.
name=Version
Version MBean. Allows you to get the package version of
the jar file for the SESM model.
name=SESM
SESM MBean. Allows you to configure settings and view
statistics for the SESM model.
name=ManagementConsole
ManagementConsole MBean. Allows you to configure the
AgentView MBean.
Cisco Subscriber Edge Services Manager Application Management Guide
C-20
OL-3983-02
Appendix C
Application Manager MBeans
Web Application (NWSP) MBeans
MBean
Description
name=JNDI
JNDI naming server MBean. Allows you to perform JNDI
naming server configuration for storing and retrieving
extensions.
name=Location
Location MBean. Allows you to define a set of Locations.
A Location is defined by a set of identifiers: Client IP
address, VPI and sub-interface. For example, the
application can use the location of a session to change its
look and feel.
org.mortbay.jetty
MBean
Description
Debug=0
Debugging and Defensive programming support.
NCSARequestLog=0,Server=0,name=Jetty
HTTP Request logger providing the normal or
extended NCSA format.
OutputStreamLogSink=0,name=Log
A LogSink that writes messages to a OutputStream
or File.
SESMSSLListener=0,Server=0,name=Jetty
com.cisco.sesm.jetty.SESMSSLListener
Server=0,WebApplicationContext=0,
context=/,name=Jetty
A J2EE Web application extension of
ServletHttpContext. Changes made to this MBean
are not persisted.
Server=0,name=Jetty
Jetty HTTP Server and Servlet container.
name=Log
The org.mortbay.util.Log logging service. This
object allows LogSink instances to be added.
MBeans for the LogSinks are created by this object.
SESMSocketListener=0,Server=0,name=Jetty
com.cisco.sesm.jetty.SESMSocketListener
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
C-21
Appendix C
Application Manager MBeans
Message Portal MBeans
Message Portal MBeans
com.cisco.sesm
MBean
Description
name=Directory,type=Connection,inst Primary connection MBean. Allows you to configure the
ance=Primary
primary connection to the LDAP directory server.
agent=Configuration
Configuration agent MBean. This object observes JMX
registration events looking for objects known to it. If a known
object registers, then the configuration agent attempts to use
it's MBean interface to push a configuration at the new
MBean.
name=Directory,type=Connection,inst Secondary connection MBean. Allows you to configure the
ance=Secondary
secondary connection to the LDAP directory server.
name=Directory
Directory MBean. Allows you to configure the LDAP
directory server.
name=messageportal
Message portal MBean. Allows you to configure settings for
the Message Portal.
name=Extension
Extension MBean. Allows you to configure extension
specifications and the default provider.
name=Logger
Logger MBean. Allows you to configure the log, trace, and
debug mechanisms.
name=Version
Version MBean. Allows you to get the package version of the
jar file for the SESM model.
name=SESM
SESM MBean. Allows you to configure settings and to view
statistics for the SESM model.
name=ManagementConsole
ManagementConsole MBean. Allows you to configure the
AgentView MBean.
name=JNDI
JNDI naming server MBean. Allows you to perform JNDI
naming server configuration for storing and retrieving
extensions.
name=Location
Location MBean. Allows you to define a set of Locations. A
Location is defined by a set of identifiers: Client IP address,
VPI and sub-interface. For example, the application can use
the location of a session to change its look and feel.
Cisco Subscriber Edge Services Manager Application Management Guide
C-22
OL-3983-02
Appendix C
Application Manager MBeans
Message Portal MBeans
org.mortbay.jetty
MBean
Description
Debug=0
Debugging and Defensive programming support.
NCSARequestLog=0,Server=0,name=Jetty
HTTP Request logger providing the normal or
extended NCSA format.
OutputStreamLogSink=0,name=Log
A LogSink that writes messages to a OutputStream
or File.
Server=0,WebApplicationContext=0,
context=/,name=Jetty
A J2EE Web application extension of
ServletHttpContext. Changes made to this MBean
are not persisted.
Server=0,name=Jetty
Jetty HTTP Server and Servlet container.
name=Log
The org.mortbay.util.Log logging service. This
object allows LogSink instances to be added.
MBeans for the LogSinks are created by this object.
SESMSocketListener=0,Server=0,name=Jetty
com.cisco.sesm.jetty.SESMSocketListener
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
C-23
Appendix C
Application Manager MBeans
Web Services Gateway MBeans
Web Services Gateway MBeans
com.cisco.sesm
MBean
Description
name=Directory,type=Connection,inst Primary connection MBean. Allows you to configure the
ance=Primary
primary connection to the LDAP directory server.
agent=Configuration
Configuration agent MBean. This object observes JMX
registration events looking for objects known to it. If a known
object registers, then the configuration agent attempts to use
it's MBean interface to push a configuration at the new
MBean.
name=ExtensionSpecification
Extension Specification MBean. Allows you to configure an
extension specification holding an extension and, optionally,
a provider. Examples of extensions are Authentication,
Authorization, ServiceConnection and ServiceProfile.
Examples of providers are com.cisco.sesm.spis.demo,
com.cisco.sesm.spis.radius and com.cisco.sesm.spis.dess.
name=WebApp
Web applications MBean. In the case of Captive Portal, this
MBean is used to configure dimension data so as to map
locations to location URLs.
name=Directory,type=Connection,inst Secondary connection MBean. Allows you to configure the
ance=Secondary
secondary connection to the LDAP directory server.
name=Directory
Directory MBean. Allows you to configure the LDAP
directory server.
name=Extension
Extension MBean. Allows you to configure extension
specifications and the default provider.
name=SSG
SSG MBean. Allows you to perform configuration of the
SSG connections.
name=Logger
Logger MBean. Allows you to configure the log, trace, and
debug mechanisms.
name=Version
Version MBean. Allows you to get the package version of the
jar file for the SESM model.
name=SESM
SESM MBean. Allows you to set configuration and statistics
parameters.
name=ManagementConsole
ManagementConsole MBean. Allows you to configure the
AgentView MBean.
name=JNDI
NDI naming server MBean. Allows you to perform NDI
naming server configuration for storing and retrieving
extensions.
name=Location
Location MBean. Allows you to define a set of Locations. A
Location is defined by a set of identifiers: Client IP address,
VPI and sub-interface. For example, the application can use
the location of a session to change its look and feel.
Cisco Subscriber Edge Services Manager Application Management Guide
C-24
OL-3983-02
Appendix C
Application Manager MBeans
Web Services Gateway MBeans
org.mortbay.jetty
MBean
Description
Debug=0
Debugging and Defensive programming
support.
NCSARequestLog=0,Server=0,name=Jetty
HTTP Request logger providing the
normal or extended NCSA format.
OutputStreamLogSink=0,name=Log
A LogSink that writes messages to a
OutputStream or File.
Server=0,WebApplicationContext=0,context=/,name=Jetty A J2EE Web application extension of
ServletHttpContext. Changes made to
this MBean are not persisted.
Server=0,name=Jetty
Jetty HTTP Server and Servlet container.
name=Log
The org.mortbay.util.Log logging
service. This object allows LogSink
instances to be added. MBeans for the
LogSinks are created by this object.
SESMSocketListener=0,Server=0,name=Jetty
com.cisco.sesm.jetty.SESMSocketListen
er
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
C-25
Appendix C
Application Manager MBeans
CDAT MBeans
CDAT MBeans
com.cisco.sesm
MBean
Description
name=Directory,type=Connection,instance Primary connection MBean. Allows you to configure the
=Primary
primary connection to the LDAP directory server.
agent=Configuration
Configuration agent MBean. This object observes JMX
registration events looking for objects known to it. If a
known object registers, then the configuration agent
attempts to use it's MBean interface to push a
configuration at the new MBean.
name=MainServlet
MainServlet MBean. This class allows the links on the
main page of CDAT to be configured
name=Logger
Logger MBean. Allows you to configure the log, trace,
and debug mechanisms.
name=CDAT
CDAT MBean. This class allows various parameters
affecting the functioning of CDAT to be configured.
name=ManagementConsole
ManagementConsole MBean. Allows you to configure
the AgentView MBean.
name=Directory,type=Connection,instance Secondary connection MBean. Allows you to configure
=Secondary
the secondary connection to the LDAP directory server.
name=Directory
Directory MBean. Allows you to configure the LDAP
directory server.
org.mortbay.jetty
MBean
Description
Debug=0
Debugging and Defensive programming
support.
NCSARequestLog=0,Server=0,name=Jetty
HTTP Request logger providing the
normal or extended NCSA format.
OutputStreamLogSink=0,name=Log
A LogSink that writes messages to a
OutputStream or File.
Server=0,name=Jetty
Jetty HTTP Server and Servlet container.
name=Log
The org.mortbay.util.Log logging
service. This object allows LogSink
instances to be added. MBeans for the
LogSinks are created by this object.
SESMSocketListener=0,Server=0,name=Jetty
com.cisco.sesm.jetty.SESMSocketListen
er
Cisco Subscriber Edge Services Manager Application Management Guide
C-26
OL-3983-02
Appendix C
Application Manager MBeans
DNS Proxy MBeans
Server=0,WebApplicationContext=0,context=/ A J2EE Web application extension of
,name=Jetty
ServletHttpContext. Changes made to
this MBean are not persisted.
SESMSSLListener=0,Server=0,name=Jetty
com.cisco.sesm.jetty.SESMSSLListener
DNS Proxy MBeans
MBean
Description
agent=configuration
Configuration agent MBean. This object
observes JMX registration events looking for
objects known to it. If a known object registers,
then the configuration agent attempts to use it's
MBean interface to push a configuration at the
new MBean.
name=DNSProxy
DNS proxy MBean. Extensible Request Proxy.
Provides mapping of ERPlisteners to request
handlers in DNSProxy.
name=DNSProxy,DNS=DNSSubstituteIPhandler
DNS substitute IP handler MBean. A DNS
Handler that inserts a substitute IP address into
the DNS response in the event of an unresolved
request.
name=DNSProxy,RESOLVER=DNSDelegationHa DNS delegation handler MBean. A DNS
ndler
Handler that delegates requests to other servers.
name=DNSProxy,UDPListener=DNS
UDP listener MBean. A listener for DNS
requests.
name=DNSProxy,UDPListener=DNS,component= ThreadPool MBean. The DNSProxy application
ThreadPool
ThreadPool.
name=Logger
Logger MBean. Allows you to configure the log,
trace, and debug mechanisms.
name=ManagementConsole
ManagementConsole MBean. Allows you to
configure the AgentView MBean.
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
C-27
Appendix C
Application Manager MBeans
DNS Proxy MBeans
Cisco Subscriber Edge Services Manager Application Management Guide
C-28
OL-3983-02
I N D EX
MBean
A
1-1
console
AddWebApplication
7-5
management
Agent View
B-3
constructing MBeans
accessing
B-2, B-4
description
context
B-1, B-2
path attribute
links on CDAT main window
URLs
B-4
using
B-5
7-5
B-4
D
Agent View tool
B-1
database, profiles
append attribute
7-3, 7-5
debug attribute
application.home
application.log
5-8, 7-3, 7-5, 7-7
debugging
7-2, 7-4, 7-7
Apply button, AgentView
B-9
attributes, configuration
persisting changes
5-7
1-2
7-3, 7-6
7-1, 7-3, 7-6
Debug MBean
applications list, on firewall pages
7-3
debugPatterns attribute
7-3, 7-6
debugThreads attribute
7-6
debugVerbosity attribute
B-9
authentication
multikey
A-3
defining new attributes
7-6
5-10
diagram
5-10
SESM reference network
AuthInfo attribute
B-3
dictionary
5-10
direction attribute
documentation map
C
DTD
1-4
5-8
1-5
A-1
CDAT
main window
B-4
session tuning
5-6
timeouts
E
5-6
editing configuration files
comments, in MBeans
compressed images
ConfigAgent
1-5, A-3
configuration files
DTD
1-2
5-5, 6-6, B-9
A-1
executables
adding Windows services
stop scripts
4-4
4-4
executables, for installation
1-2
A-1
editing
A-1
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
IN-1
Index
troubleshooting
F
5-8, 7-1
JMX
filename attribute, in Log MBean
7-3
description
files
HTML Adaptor server
installation image names
MBean configuration
Merit
1-4
1-2
server
B-3
1-5, B-1
1-1
1-2
xmlconfig.dtd
L
A-1
See also logs
LDAP directory
firewalls
1-2
logDateFormat attribute
applications list
protocols
5-7
logFile attribute
5-7
7-7
logFrame attribute
Logger MBean
7-7
7-5, 7-6
logLabels attribute
H
Log MBean
HTML Adaptor server
1-5, B-1, B-3
HTTP
errors
7-2, 7-6
7-2
7-2
logOneLine attribute
7-2
logs
5-8, 7-1
request log
application.home
7-1
application.log
HttpServer MBean
7-5
I
configuring
A-3
image
1-2
important notes
results
7-3, 7-6
7-1
filenames
5-8, 7-3, 7-7
5-8, 7-2, 7-3
Jetty server activity
portal activity
installation
2-1
7-2, 7-7
file names
jetty.log
initializing MBeans
7-2
7-5
request.log
7-2, 7-4
turning off
7-6
logStack attribute
2-2
5-8, 7-3
7-7
logStackSize attribute
7-3
logStackTrace attribute
J
logTags attribute
J2EE containers
1-1
Java Management Extensions
jetty.log
7-3
7-7
logTimeStamps attribute
logTimezone attribute
See JMX
jetty.home
logThread attribute
7-5
7-3
logToErr attribute
7-3
7-2
7-7
5-8, 7-2, 7-3
Jetty server
log files
7-1
Cisco Subscriber Edge Services Manager Application Management Guide
IN-2
OL-3983-02
Index
Property tag, in XML files
M
5-5, 6-6, A-3, A-4, B-9
management console
configuring
port
Q
B-3
B-3
queryTimeout attribute
removing
starting
B-3
B-3
See also HTML Adaptor server
ManagementConsole MBean
map, documentation
MBeans
B-3
1-5
5-5, 6-6, B-9
ConfigAgent
A-3
1-4
A-3
Reload button
B-8
reload interval
B-8
A-3
7-3
B-1
See Agent View tool; Application Management tool
request.log
A-3
7-2, 7-4
retainDays attribute
7-2
Logger
1-2
remote management tool
constructing and initializing
description
RADIUS server
registering MBeans
1-1
comments in
Debug
R
reference network diagram
C-13
changing
Log
5-6
7-3, 7-4
returnOption attribute
5-8
7-5
property tags in
Server
5-5, 6-6, B-9
S
7-4
MBean View
B-2, B-6
Merit flat file
1-2
Server MBean
7-4
service
Microsoft Windows services
4-4
monitoring applications
B-10
multikey authentication
5-10
Windows
4-4
sessionTimeout attribute
SPE
5-6
1-2
startup scripts
failure
N
7-1
Java system properties
network diagram
1-4
Store button
A-4
B-9
suppressStack attribute
7-4
suppressWarnings attribute
P
system properties
persisting attribute changes
B-9
7-4
A-4
SystemProperty tag, in XML files
5-5, 6-6, A-3, A-4, B-9
ports
management console
profiles
B-3
1-2
properties files
T
tar files
1-2
See also system properties; aaa.properties file
Cisco Subscriber Edge Services Manager Application Management Guide
OL-3983-02
IN-3
Index
timeouts
CDAT
5-6
trace attribute
7-7
tuning CDAT sessions
5-6
U
Undo button
B-9
Unregister button
B-8
URLs
AgentView
B-4
V
verbose attribute
7-3
virtual
host name
7-5
W
warning
in log files
7-6
logging configuration attribute
Windows services
7-7
4-4
X
xmlconfig.dtd
A-1
Z
zip files
1-2
Cisco Subscriber Edge Services Manager Application Management Guide
IN-4
OL-3983-02
Download PDF
Similar pages