diff --git a/api-catalog-services/src/main/resources/application.yml b/api-catalog-services/src/main/resources/application.yml index eacdbae3a3..9095de68a1 100644 --- a/api-catalog-services/src/main/resources/application.yml +++ b/api-catalog-services/src/main/resources/application.yml @@ -211,6 +211,7 @@ logging: com.netflix: INFO org.ehcache: INFO com.netflix.discovery.shared.transport.decorator: DEBUG + org.apache.tomcat.util.net.jsse.JSSESupport: INFO --- spring: diff --git a/caching-service/src/main/resources/application.yml b/caching-service/src/main/resources/application.yml index 06f6ef2fe2..0f7a99723e 100644 --- a/caching-service/src/main/resources/application.yml +++ b/caching-service/src/main/resources/application.yml @@ -166,6 +166,7 @@ logging: org.springframework: INFO org.apache: INFO org.apache.http: DEBUG + org.apache.tomcat.util.net.jsse.JSSESupport: INFO com.netflix: INFO org.hibernate: INFO org.springframework.web.servlet.PageNotFound: WARN diff --git a/cloud-gateway-service/src/main/resources/application.yml b/cloud-gateway-service/src/main/resources/application.yml index 389b344d12..bf791c7828 100644 --- a/cloud-gateway-service/src/main/resources/application.yml +++ b/cloud-gateway-service/src/main/resources/application.yml @@ -112,6 +112,7 @@ logging: reactor.netty.http.client.HttpClient: DEBUG reactor.netty.http.client.HttpClientConnect: DEBUG com.netflix: DEBUG + org.apache.tomcat.util.net.jsse.JSSESupport: INFO --- spring.config.activate.on-profile: attls diff --git a/common-service-core/src/main/java/org/zowe/apiml/passticket/AbstractIRRPassTicketException.java b/common-service-core/src/main/java/org/zowe/apiml/passticket/AbstractIRRPassTicketException.java index 8719ee9de9..a7cc971bbd 100644 --- a/common-service-core/src/main/java/org/zowe/apiml/passticket/AbstractIRRPassTicketException.java +++ b/common-service-core/src/main/java/org/zowe/apiml/passticket/AbstractIRRPassTicketException.java @@ -38,7 +38,13 @@ public ErrorCode getErrorCode() { } protected String getMessage(String baseMessage) { - return baseMessage + ' ' + getErrorCode().getMessage(); + return String.format("%s %s: safRc=%d, racfRc=%d, racfRsn=%d", + baseMessage, + getErrorCode().getMessage(), + this.safRc, + this.racfRc, + this.racfRsn + ); } public int getHttpStatus() { diff --git a/common-service-core/src/main/java/org/zowe/apiml/passticket/PassTicketService.java b/common-service-core/src/main/java/org/zowe/apiml/passticket/PassTicketService.java index 1acef57fb1..f78e5032d8 100644 --- a/common-service-core/src/main/java/org/zowe/apiml/passticket/PassTicketService.java +++ b/common-service-core/src/main/java/org/zowe/apiml/passticket/PassTicketService.java @@ -14,7 +14,7 @@ import org.zowe.apiml.util.ObjectUtil; import lombok.AllArgsConstructor; import lombok.Value; - +import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; import java.util.HashMap; @@ -25,10 +25,12 @@ /** * This class allows to get a PassTicket from SAF. */ +@Slf4j public class PassTicketService { private final IRRPassTicket irrPassTicket; + @SuppressWarnings("unchecked") public PassTicketService() { this.irrPassTicket = ClassOrDefaultProxyUtils.createProxy(IRRPassTicket.class, "com.ibm.eserver.zos.racf.IRRPassTicket", DefaultPassTicketImpl::new, @@ -47,7 +49,12 @@ public synchronized void evaluate(String userId, String applId, String passTicke // IRRPassTicket is not thread-safe, must be synchronized public synchronized String generate(String userId, String applId) throws IRRPassTicketGenerationException { - return irrPassTicket.generate(userId.toUpperCase(), applId.toUpperCase()); + try { + return irrPassTicket.generate(userId.toUpperCase(), applId.toUpperCase()); + } catch (IRRPassTicketGenerationException | RuntimeException e) { + log.debug("Error during pass ticket generation, userId={}, applid={}, exception={}", userId, applId, e); + throw e; + } } public boolean isUsingSafImplementation() { diff --git a/common-service-core/src/test/java/org/zowe/apiml/passticket/IRRPassTicketEvaluationExceptionTest.java b/common-service-core/src/test/java/org/zowe/apiml/passticket/IRRPassTicketEvaluationExceptionTest.java index 613861452f..c84b134cb3 100644 --- a/common-service-core/src/test/java/org/zowe/apiml/passticket/IRRPassTicketEvaluationExceptionTest.java +++ b/common-service-core/src/test/java/org/zowe/apiml/passticket/IRRPassTicketEvaluationExceptionTest.java @@ -23,7 +23,7 @@ void testInit() { assertEquals(12, exception.getRacfRc()); assertEquals(20, exception.getRacfRsn()); assertEquals(AbstractIRRPassTicketException.ErrorCode.ERR_8_12_20, exception.getErrorCode()); - assertEquals("Error on evaluation of PassTicket: Invocation of the Security Server Network Authentication Service Program Call (PC) interface failed with an 'abend in the PC service routine' return code. The symptom record associated with this abend can be found in the logrec data set.", exception.getMessage()); + assertEquals("Error on evaluation of PassTicket: Invocation of the Security Server Network Authentication Service Program Call (PC) interface failed with an 'abend in the PC service routine' return code. The symptom record associated with this abend can be found in the logrec data set.: safRc=8, racfRc=12, racfRsn=20", exception.getMessage()); IRRPassTicketEvaluationException exception2 = new IRRPassTicketEvaluationException(AbstractIRRPassTicketException.ErrorCode.ERR_8_16_28); assertEquals(8, exception2.getSafRc()); diff --git a/common-service-core/src/test/java/org/zowe/apiml/passticket/IRRPassTicketGenerationExceptionTest.java b/common-service-core/src/test/java/org/zowe/apiml/passticket/IRRPassTicketGenerationExceptionTest.java index fa406625ce..3605bc9eea 100644 --- a/common-service-core/src/test/java/org/zowe/apiml/passticket/IRRPassTicketGenerationExceptionTest.java +++ b/common-service-core/src/test/java/org/zowe/apiml/passticket/IRRPassTicketGenerationExceptionTest.java @@ -23,7 +23,7 @@ void testInit() { assertEquals(16, exception.getRacfRc()); assertEquals(32, exception.getRacfRsn()); assertEquals(AbstractIRRPassTicketException.ErrorCode.ERR_8_16_32, exception.getErrorCode()); - assertEquals("Error on generation of PassTicket: " + AbstractIRRPassTicketException.ErrorCode.ERR_8_16_32.getMessage(), exception.getMessage()); + assertEquals("Error on generation of PassTicket: " + AbstractIRRPassTicketException.ErrorCode.ERR_8_16_32.getMessage() + ": safRc=8, racfRc=16, racfRsn=32", exception.getMessage()); IRRPassTicketGenerationException exception2 = new IRRPassTicketGenerationException(AbstractIRRPassTicketException.ErrorCode.ERR_8_12_8); assertEquals(8, exception2.getSafRc()); diff --git a/common-service-core/src/test/java/org/zowe/apiml/passticket/PassTicketServiceTest.java b/common-service-core/src/test/java/org/zowe/apiml/passticket/PassTicketServiceTest.java index 3ccfa300c1..d9aeb01bdd 100644 --- a/common-service-core/src/test/java/org/zowe/apiml/passticket/PassTicketServiceTest.java +++ b/common-service-core/src/test/java/org/zowe/apiml/passticket/PassTicketServiceTest.java @@ -73,6 +73,7 @@ public String generate(String userId, String applId) { @Test void testProxy() throws IRRPassTicketGenerationException { + @SuppressWarnings("unchecked") IRRPassTicket irrPassTicket = ClassOrDefaultProxyUtils.createProxy( IRRPassTicket.class, "notExistingClass", @@ -157,7 +158,7 @@ void testDefaultPassTicketImpl_GenerateUnknownUser() { assertEquals(16, e.getRacfRsn()); assertNotNull(e.getErrorCode()); assertEquals(AbstractIRRPassTicketException.ErrorCode.ERR_8_8_16, e.getErrorCode()); - assertEquals("Error on generation of PassTicket: Not authorized to use this service. Verify that the user and the application name are valid, and check that corresponding permissions have been set up.", e.getMessage()); + assertEquals("Error on generation of PassTicket: Not authorized to use this service. Verify that the user and the application name are valid, and check that corresponding permissions have been set up.: safRc=8, racfRc=8, racfRsn=16", e.getMessage()); } @Test diff --git a/discovery-service/src/main/resources/application.yml b/discovery-service/src/main/resources/application.yml index 8e4d46ef67..e4add7b02e 100644 --- a/discovery-service/src/main/resources/application.yml +++ b/discovery-service/src/main/resources/application.yml @@ -166,6 +166,7 @@ logging: org.springframework: INFO org.apache: INFO org.apache.http: DEBUG + org.apache.tomcat.util.net.jsse.JSSESupport: INFO com.netflix: INFO com.sun.jersey.server.impl.application.WebApplicationImpl: INFO org.ehcache: INFO diff --git a/gateway-service/src/main/resources/application.yml b/gateway-service/src/main/resources/application.yml index acf24afdd7..ffe653227d 100644 --- a/gateway-service/src/main/resources/application.yml +++ b/gateway-service/src/main/resources/application.yml @@ -302,6 +302,7 @@ logging: org.springframework: INFO org.apache: INFO org.apache.http: DEBUG + org.apache.tomcat.util.net.jsse.JSSESupport: INFO com.netflix: INFO org.hibernate: INFO org.springframework.web.servlet.PageNotFound: WARN diff --git a/gateway-service/src/test/java/org/zowe/apiml/gateway/security/service/TokenCreationServiceTest.java b/gateway-service/src/test/java/org/zowe/apiml/gateway/security/service/TokenCreationServiceTest.java index e5e6e27dd6..d5d030d33c 100644 --- a/gateway-service/src/test/java/org/zowe/apiml/gateway/security/service/TokenCreationServiceTest.java +++ b/gateway-service/src/test/java/org/zowe/apiml/gateway/security/service/TokenCreationServiceTest.java @@ -164,7 +164,7 @@ void givenPassTicketException_whenCreatingSafIdToken_thenExceptionThrown() throw underTest.createSafIdTokenWithoutCredentials(VALID_USER_ID, VALID_ZOSMF_APPLID); }); - assertEquals("Error on generation of PassTicket: An internal error was encountered.", e.getMessage()); + assertEquals("Error on generation of PassTicket: An internal error was encountered.: safRc=8, racfRc=8, racfRsn=8", e.getMessage()); } @Test