When troubleshooting single sign-on, it is useful to start the Java Work Process with Kerberos debugging enabled, and with a customized krb5.conf file. To facilitate this, I wrote a small Bash script. This complements the I wrote earlier.
We start all the normal WPs and CPs the traditional way, via a Service Manager. When troubleshooting the JWPs though, we start these using this script instead of via the SMgr. This script is designed to work on any of our servers, and we have individual INI files for each environment and node. You’ll have to customize the script for your needs. Enjoy.
#!/bin/bash
shopt -s extglob
# Lists of servers in each staging environment
EXP_SERVERS='@(expa|expb)'
EXP2_SERVERS='@(exp2a|exp2b)'
# Lists of primary and secondary members of clusters
PRIMARY_SERVERS='@(expa|exp2a)'
SECONDARY_SERVERS='@(expb|exp2b)'
export JAVA_HOME=/opt/uc4/java/jre1.8.0_102
export ORACLE_HOME=/opt/oclient/default
export PATH=$JAVA_HOME/bin:$ORACLE_HOME/bin:$PATH
export UC4_SERVER_HOME=/opt/uc4/server
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$UC4_SERVER_HOME:$LD_LIBRARY_PATH
export CLASSPATH=$ORACLE_HOME/jdbc/lib/ojdbc7.jar:$UC4_SERVER_HOME:$UC4_SERVER_HOME/lib:$CLASSPATH
export KRB5_CONFIG=$UC4_SERVER_HOME/krb5.conf
SERVER=$(uname -n)
#export JAVA_TOOL_OPTIONS="-Dsun.security.krb5.debug=true -Djavax.security.auth.login.name=UC4_${AE_ENV}/${SERVER}"
export JAVA_TOOL_OPTIONS="-DlogToConsole -Dsun.security.krb5.debug=true -Djava.security.krb5.conf=${KRB5_CONFIG}"
case "$SERVER" in
${EXP_SERVERS})
AE_ENV=EXP
;;
${EXP2_SERVERS})
AE_ENV=EXP2
;;
*)
echo "Error: $HOSTNAME is not known."
exit 1
;;
esac
case "$SERVER" in
${PRIMARY_SERVERS})
AE_NODE=A
;;
${SECONDARY_SERVERS})
AE_NODE=B
;;
*)
echo "Error: $HOSTNAME is not known."
exit 1
;;
esac
export INI_FILE="$UC4_SERVER_HOME/ucsrv_${AE_ENV}-${AE_NODE}.ini"
export LOG_FILE="$UC4_SERVER_HOME/${AE_ENV}-${AE_NODE}_JWP_out.txt"
if [[ -s $LOG_FILE ]]; then
i rm $LOG_FILE
fi
date | tee -a $LOG_FILE
echo "AE_ENV : $AE_ENV" | tee -a $LOG_FILE
echo "AE_NODE : $AE_NODE" | tee -a $LOG_FILE
echo "JAVA_HOME : $JAVA_HOME" | tee -a $LOG_FILE
echo "CLASSPATH : $CLASSPATH" | tee -a $LOG_FILE
echo "KRB5_CONFIG : $KRB5_CONFIG" | tee -a $LOG_FILE
echo "LD_LIBRARY_PATH : $LD_LIBRARY_PATH" | tee -a $LOG_FILE
echo "PATH : $PATH" | tee -a $LOG_FILE
echo "INI_FILE : $INI_FILE" | tee -a $LOG_FILE
echo "LOG_FILE : $LOG_FILE" | tee -a $LOG_FILE
nohup $JAVA_HOME/bin/java -Xmx512M -Dsun.security.krb5.debug=true -jar ./ucsrvjp.jar -I${INI_FILE} >> $LOG_FILE 2>&1 &