Configuring the Java Web Console

The Java Web Console is preconfigured to run without administrator intervention. However, you might choose to change some of the web console's default behavior by overriding the console's configuration properties.

Note

Starting with the Solaris Express 5/06 OS, you must use the wcadmin command to change these properties. Previously, the smreg command was used. For more information about the wcadmin command, see the wcadmin ( 1M ) man page.

Properties in the console's configuration files control the behavior of the console. To change the behavior, you define new values for properties to override the default values. The default values of most properties should not be overridden unless there is a specific need that the default values do not provide, such as specifying your own login service. In general, the property values that you might consider changing are the following:

See Example 3–5 for an example of specifying the auditing implementation.

How to Change Java Web Console Properties

  1. Become superuser or assume an equivalent role.

    Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services .

  2. Depending on which Solaris release you are running, change the selected property value as follows:

    • If you are running at least the Solaris Express 5/06 release, use this command:

      # wcadmin add -p -a console name=value
      
      
      p

      Specifies that the object type is a property.

      a console

      Specifies that the property changes are for the application named console. The a console option must always be used when you are changing console properties.

      name=value

      Specifies the property name and the new value for that property.

    • If you are not running at least the Solaris Express 5/06 release, use this command:

      # smreg add -p -c name=value
      
      
  3. Reset a console property to its default value.

    • If you are running at least the Solaris Express 5/06 release, use this command:

      # wcadmin remove -p -a console name
      
      
    • If you are not running at least the Solaris Express 5/06 release, use this command:

      # smreg remove -p -c name
      
      
      p

      Specifies that the object type is a property.

      c

      Specifies that the property changes are for the console application. The c option must always be used when you are changing console properties.

      name=value

      Specifies the property name and the new value for that property.

Example 3.1. Changing the Java Web Console's Session Timeout Property

This example shows how to set the session time out value to 5 minutes.

# wcadmin add -p -a console session.timeout.value=5

Example 3.2. Configuring the Java Web Console Logging Level

This example shows you how to set the logging level to all.

# wcadmin add -p -a console logging.default.level=all

Example 3.3. Resetting the Java Web Console Logging Level to the Default Value

This example shows how to reset the logging level to the default.

# wcadmin remove -p -a console logging.default.level

Example 3.4. Specifying a Java Version for the Java Web Console

This example shows how to set the Java version for the console.

# wcadmin add -p -a console java.home=/usr/java

Example 3.5. Choosing an Auditing Implementation for the Java Web Console

This example shows you how to set the auditing implementation to None.

# wcadmin add -p -a console audit.default.type=None

Java Web Console User Identity

By default, the web console runs under the user identity, noaccess. However, some system configurations disable the noaccess user, or set the login shell for the noaccess user to an invalid entry to make this user identity unusable.

When the noaccess user is not usable, the web console server cannot be started or configured, so an alternative user identity must be specified. Ideally, the user identity should be changed only once, before the console server is configured at initial startup. While the identity can be changed after configuration is completed, the changes that then must be made to the console infrastructure are complex and time consuming.

You can configure the web console to run under an alternative non-root user identity by using either of the following commands:

# smcwebserver -U username

This command starts the web console server under the specified user identity. The web console server runs under this identity each time the server is subsequently started.

If you are running at least the Solaris Express 5/06 release, use this command:

# wcadmin add -p -a console com.sun.web.console.user=username

If you are not running at least the Solaris Express 5/06 release, use this command:

# smreg add -p -c com.sun.web.console.user=username

This command causes the web console server to run under the specified user identity the next time the server starts, and each time the server is started.

Using the Console Debug Trace Log

By default, the console does not log debug messages. You can turn on debug logging to help troubleshoot console service problems.

Use the debug.trace.level property to turn on debug logging by setting the property to a value other than 0. Available choices include the following:

  • 1 - Use this setting to record potentially severe errors.

  • 2 - Use this setting to record important messages, as well as error messages of the 1 level.

  • 3 - Use this setting to record all possible messages with full details.

By default, the debug trace log is created in the /var/log/webconsole directory and is named console_debug_log. Historical logs, such as console_debug_log.1 and console_debug_log.2 might also exist in this directory. There can be up to five (default setting) historical logs stored in this directory before the earliest log is deleted and a new log is created.

Example 3.6. Setting the Console Debug Trace Log Level

Use the following command to set the debug trace log level to 3.

For the Solaris Express 5/06 release, use this command:

# wcadmin add -p -a console debug.trace.level=3

If you are not running at least the Solaris Express 5/06 release, use this command:

# smreg add -p -c debug.trace.level=3

Example 3.7. Checking the Status of the debug.trace.level Property

To check the status of the debug.trace.level property, use the wcadmin list or smreg list command.

Solaris Express 5/06:

# wcadmin list -p | grep "debug.trace.level"

If you are not running at least the Solaris Express 5/06 release, use this command:

# smreg list -p | grep "debug.trace.level"