HOAB

History of a bug

CA Apm Introscope and tracer not executed

Rédigé par gorki Aucun commentaire

Problem :

Silent code :) Configuration was OK, or seems to be, logs was OK but nothing happen.

For a project, I use Broadcom CA APM, formely Introscope, I created a custom Tracer, adding the required configuration but my tracer was not executed. Furthermore, another “standard” tracer was not executed also.

Solution :

Easy steps : 

  • Check the agent logs : ERROR is displayed :
    • [IntroscopeAgent.Agent] Unable to create tracer factories for the following class (library not found): 
  • Put agent logs in VERBOSE mode, I would had the solution directly
    • Same information class not found.
  • But because I everything for remote debug ready, I lost time but learn things
    • My tracer was using the same flag as the standard one : if one tracer can not be created, the whole flag is not enabled.
  • You can trace the classes to check if they are correctly instrumented compared to AutoProbe log. I never, never had a difference hier. If it says it's instrumented, then it is.
  •  

At the end the problem is "class not found" for one of the 2 tracers. So simple

And the class was of course present in the jar file. So it was related to the declaration of this class in the MANIFEST.MF required for CA APM Introscope extension : 

com-wily-Extension-Plugin-XXXX-Name: XXXX Frontend Tracer
com-wily-Extension-Plugin-XXXX-Type: tracer
com-wily-Extension-Plugin-XXXX-Version: 1
com-wily-Extension-Plugin-XXXX-Entry-Point-Class: com.xxx.xxxx.MyTracer

 

Lire la suite de CA Apm Introscope and tracer not executed

Introscope intrumentation static / final method

Rédigé par gorki Aucun commentaire

Problem :

It seems that I have no metric on one particular method while it works for all the others.

This is method is  :

public final boolean myMethod(myArgs) 

Does the fact that this method is final is a problem for bytecode instrumentation of Introscope ?

Solution :

No. It works :) As usual. My problem is somewhere else.

3 classes : 

Parent

package com.test.caapm.finalmethodtest;

public class ParentClass {
    public void finalMethod() {
        System.out.println("parentFinalMethod");
    }
}

Middle

package com.test.caapm.finalmethodtest;

public class TestFinalMethodAgent extends ParentClass {

    public static void staticMethod() {
        System.out.println("staticMethod");
    }

    public final static void finalStaticMethod() {
        System.out.println("finalStaticMethod");
    }

    public final void finalMethod() {
        System.out.println("finalMethod");
    }

    public static void main(String... args) {
        TestFinalMethodAgent test = new TestFinalMethodAgent();

        while(true) {
            test.finalMethod();
            TestFinalMethodAgent.staticMethod();
            TestFinalMethodAgent.finalStaticMethod();
            try {
                Thread.sleep(1000);
            } catch (InterruptedException e) {
                throw new RuntimeException(e);
            }
        }
    }

}

Child

package com.test.caapm.finalmethodtest;

public class ChildClass extends TestFinalMethodAgent{
}

Pbd

SetFlag: TestFinalMethod
TurnOn: TestFinalMethod

IdentifyDeepInheritedAs: com.test.caapm.finalmethodtest.ParentClass TestFinalMethod

TraceAllMethodsIfFlagged: TestFinalMethod PerIntervalCounter "{classname} - {method}"

 

 

 

 

 

 

Introscope & SAML (saml.jsp)

Rédigé par gorki Aucun commentaire

Problem :

I tried to connect Broadcom Introscope 10.7 and SAML given by Keycloak.

Based on these documents : 

Well not enough to make it works.

Solution :

Thanks to remote debug mode, the key is that the callback URL is : 

https://<webview url>/saml.jsp

Search for saml.jsp + introscope on google. Good luck.

Here are the steps (assuming that you already have a keycloak realm up and ready) : 

Step 1 : IntroscopeEnteprise.properties

introscope.saml.enable=true
introscope.saml.request.binding=POST
introscope.saml.idpUrl=<URL_KEYCLOAK>/realms/<your realm>/protocol/saml
introscope.saml.issuer=com.ca.apm.webview.serviceprovider
introscope.saml.webstart.issuer=com.ca.apm.webstart.serviceprovider
introscope.saml.em.issuer=com.ca.apm.em.serviceprovider
introscope.saml.principalAttributeName=principalName
introscope.saml.groupsAttributeName=groups
introscope.saml.webstart.tokenTimeoutInSeconds=60
introscope.saml.internalIdp.enable=false
# introscope.saml.internalIdpUrl=http://localhost:8080/idp/profile/SAML2/POST/SSO

Step 2 : Keycloak configuration

  1. Create a client named as introscope.saml.issuer so in our case :  com.ca.apm.webstart.serviceprovider
  2. Enter the callback URL in Master SAML Processing URL : https://<webview url>/saml.jsp

Step 3 : Certificates

You should secure you communication between Introscope and Keycloak : 

  1. Provide HTTPS for Keycloak
  2. Provide HTTPS for Introscope
  3. Sign information in Keycloak client
  4. Import Keycloak key in a JKS truststore for Java (Webview part). Keycloak client certificate are in the client definition, tab “Keys”.
    1. Follow Official guide to create the JKS
  5. Point to this truststore (example : spprivatekey.jks) - next steps.

Step 4 : IntroscopeWebview.properties:

apm.webview.saml.sp.truststore=/path/to/spprivatekey.jks
Fil RSS des articles de ce mot clé