How to enable logging usage data in Open DACS API?
I would like my Open DACS Java application logs usage data. It performs permission checks against the connecting users but there is no usage associated to any user; there is no usage file. How to do this?
To enable logging usage data to log login and permission check events of the users, please follow the steps below:
- DACS has to enable what type of usage logging can be logged on DACS UI/Console at Tools -> Usage -> Set Usage Logging Filters… and select Eventsto log as example shown below that enables to log all events:
2. The Open DACS application specifies the preference usage logging(com.reuters.rfa.dacs.AuthorizationUsageType class) which can be:
- DONT_PERFORM_USAGE_LOGGING - usage logging should not be performed
- ALWAYS_PERFORM_USAGE_LOGGING - usage logging should be performed
- ONLY_SUCCESS_PERFORM_USAGE_LOGGING - usage logging should be performed for the specified Authorization operation only if the operation produced an access success.
- ONLY_DENIAL_PERFORM_USAGE_LOGGING - usage logging should be performed for the specified Authorization operation only if the operation produced an access denial.
When it logs in and checks authorization subscription. For example:
// All operations of usage logging performed. AuthorizationUsageType usage = AuthorizationUsageType.ALWAYS_PERFORM_USAGE_LOGGING; // Encapsulate the principal instance in the AuthorizationRequest instance. AuthorizationRequest request = new AuthorizationRequest(); // Set usage logging filter when log-in event occurs. request.setUsageLogging(usage); .. // Check subscription of item with the DACS server. authCheckResult = _agent.checkSubscription(_handle, usage,_reqtype,authCheckStatus,_serviceName, itemName, lockData);
3. Make the OpenDACS application waits for the usage is logged. Since the usage will be logged periodically around 5 seconds and it will not be logged after AuthorizationSystem.release(), the application should wait for the usage is logged before AuthorizationSystem.release() is called, for example:
try
{
//sleep 10 second to wait for usage is logged
//before releasing AuthorizationSystem
Thread.sleep(10000);
}catch(Exception e) {
e.printStackTrace();
}
//closing the connection from the dacs sink daemon.
//The method destroys AuthorizationAgent, releases AuthorizationSystem and destroys EventQueue.
client.closeDaemonConnection(true);
4.Disable Rendezvous transport in dacs.env. DACS sink daemon with Rendezvous-enabled flushes its cache of usage data to DACS infrastructure. Hence, usage data is not written in the usage file. Please make sure that all DACS_RV parameters do not exist or are commented. The example of dacs.env:
#DACS_RV_PROTO="TRUE,7999,;224.1.1.5,tcp:192.168.27.52:7500"; export DACS_RV_PROTO #DACS_RV_SENDRATE="3,15,30,63,123,243,-"; export DACS_RV_SENDRATE #DACS_RV_USAGE_SIZE="4194304"; export DACS_RV_USAGE_SIZE #DACS_RV_USAGE_AGE="1440"; export DACS_RV_USAGE_AGE
5. The data usage log can be created by DACS sink daemon(remote DACS sink daemon) or the Open DACS Application connecting to local DACS sink daemon.
a) To enable remote DACS sink daemon creating the usage logging file:
- In dacs.env, add DACS_SNKD_P2P_USAGE and DACS_SNKD_P2P_USAGE_SIZE parameters. DACS_SNKD_P2P_USAGE is the path that keeps the usage log file. DACS_SNKD_P2P_USAGE_SIZE is the maximum size in K bytes to which the usage data file can grow. The example of dacs.env:
DACS_SNKD_P2P_USAGE="./"; export DACS_SNKD_P2P_USAGE DACS_SNKD_P2P_USAGE_SIZE="1024"; export DACS_SNKD_P2P_USAGE_SIZE
the example sets dacs.usage to be created in DACS sink daemon run directory and set the maximum usage file to 1024 K bytes.
- Restart the daemon. Then, the usage file named dacs.usage will be created by the DACS sink daemon in the given path.
b)To enable Open DACS application connecting to local DACS sink daemon creating the usage logging file
- In the Open DACS application, call AuthorizationSystem.setProperty() to set dacs.usage-pathand dacs.usage-size.dacs.usage-pathis the path that keeps the usage log file. dacs.usage-sizeis the maximum size the usage can grow in K bytes.For example:
AuthorizationSystem.setProperty("dacs.usage-path", "./"); AuthorizationSystem.setProperty("dacs.usage-size", "1024");
the example sets dacs.usage file to be created in OpenDACS application run directory and set the maximum size to 1024 K bytes.
- Make sure that DACS_SNKD_P2P_USAGE and DACS_SNKD_P2P_USAGE_SIZE in dacs.env must be commented or not exist. Otherwise, both parameters will override Open DACS API configuration(dacs.usage-path and dacs.usage-size)
6. dacs.usage file cannot be read directly. You need the PollUsage tool shipped with DACS package to convert the file to ASCII format by running the command:
PollUsage.exe <dacs.usage file>
The example output:
So we have tried the above and still having no joy in generating Usage. code snippet below.
public void ProcessEventStatus(AuthorizationAgentEventStatus eventStatus)
{
bool isRepermissioning = eventStatus.StatusCode == AuthorizationAgentEventStatus.StatusCodeEnum.DoRepermission;
if (isRepermissioning)
{
Logger.Info($"Repermissioning requested for user '{Identity}'.");
}
[...]
CheckSubscription([...], isRepermissioning)
}
private bool CheckSubscription(string service, string ric, long userHandle, byte[] authorizationLock, bool isRepermissioning)
{
AuthorizationRequest.PerformUsageEnum usage = isRepermissioning
? AuthorizationRequest.PerformUsageEnum.OnlyDenialPerformUsageLogging
: _configuration.DefaultUsageLogging; // This is AuthorizationRequest.PerformUsageEnum.AlwaysPerformUsageLogging
AuthorizationAgent.AuthorizationCheckResultEnum authorizationCheckResult = _authorizationAgent.CheckSubscription(
userHandle,
usage,
_authorizationCheckStatus,
new RFA_String(service),
new RFA_String(ric),
authorizationLock.Length,
authorizationLock);
bool result = authorizationCheckResult == AuthorizationAgent.AuthorizationCheckResultEnum.AccessAllowed;
return result;
}
Hi Jeff, Did you get this working correctly, as I have the same issue (direct DACS API to a dacs_snkd) but with an application that does not pass the 'dacs lock' information thus usage report don't show the users uses unless a RIC only usage report is run. I have other applications that use the ODPS as a gateway and the fix for that is quite easy (amend 'autope' on the http request) and then the ODPS finds the PE via it's RFA connection. But when a application is connected direct to a dacs_snkd i'm not sure how this mechanism works.
Regards Paul