WSO2 Identity Server is an open source identity and entitlement management server that you can find lot cross cutting features including technologies like SAML, XACML, OAuth, SCIM, WS* and so on. Sometime, It would be little bit hard to work with Identity Server, specially when you encounter with issues without much descriptions. As Identity Server is an identity product the may be deal with end consumer, It uses exception shielding pattern heavily. As an example, If you can not authenticate with Identity Server, It just show you an error saying “Authentication failure”. If you just see the log file of Identity Server which can be found at <IS_HOME>/repository/logs/wso2carbon.log, It also contains a simple warn message of authentication failure. As an developer, It is difficult to find the actual error. But there is some option for this. You can enable debug logs of Identity Server and can see more comprehensive logs that help developers to understand the actual problem.
Enable Debug logs in All components
Step1. Locate log4j.properties file which can be found at <IS_HOME>/repository/conf directory.
Step2. Enable debug logs for all WSO2 related components by configuring following parameter in to debug.
By default, you can find this
log4j.logger.org.wso2=INFO
To enable debug logs, You can change it as following
log4j.logger.org.wso2=DEBUG
Step3. Restart the server.
Enable debug logs in specified component
It is not practical to enable debug logs all component in the server, Therefore we need to know enable it specific components…
Say, If it is authentication failure or user store related issue, Please add following entry to log4j.properties file
log4j.logger.org.wso2.carbon.user.core=DEBUG
Say, If issue is with XACML components and you need to see the XACML request and response messages
log4j.logger.org.wso2.carbon.identity.entitlement=DEBUG
Say, If issue is with OAuth 2.0
log4j.logger.org.wso2.carbon.identity.oauth2=DEBUG
Say, If issue is with SAML2 SSO
log4j.logger.org.wso2.carbon.identity.sso.saml=DEBUG
Basically, If you need to enable debug logs in identity and entitlement components, Please use following general configuration…
log4j.logger.org.wso2.carbon.user=DEBUG log4j.logger.org.wso2.carbon.identity=DEBUG log4j.logger.org.wso2.carbon.claim.mgt=DEBUG log4j.logger.org.wso2.carbon.idp.mgt=DEBUG log4j.logger.org.wso2.carbon.claim.mgt=DEBUG
I guess this would help you a lot…..