A monitor is simply a client which executes the initial call to an OA4MP server. This works solely from the command line -- no web server is needed. This is exactly the analog of the ping command in that it shows the server up and active. Since a full test of the lifecycle requires that the client be able to accept callbacks i.e. be running a web server, it is not possible to test more than the first call. The intent of the monitor is not to show that everything about configuring a client still works.
To get a functional monitor, you
get the oa4mp-monitor.jar
and the
oa4mp-monitor script.
For OAuth 2.0 you would get
oa2-monitor.jar
with the script at oa2-monitor
The default setup is like any other command
line tool
with an identical directory layout and it will try to use the configuration found in the default location
of /opt/oa4mp/etc/admin-cfg.xml
.
Steps to set up a monitor are
1. Register it with a server
OAuth 1.0a based servers
or,
OAuth 2.0 based servers.
be sure to follow any and all instructions in given since the two mehtods of registration are different.
2. Write a configuration file. This should have
mail configured.
A sample OAuth 1.0a configuration would be
<config> <client name="my-monitor"> <id>myproxy:oa4mp,2012:/your/id/goes/here</id> <serviceUri>http://your.server.org/oauth/</serviceUri> <callbackUri>https://your.server.org/client/ready</callbackUri> <lifetime>864000</lifetime> <publicKeyFile>/path/to/public-key.pem</publicKeyFile> <privateKeyFile>/path/to/private-key.pem</privateKeyFile> <mail enabled="true" useSSL="true" username="your-username" password="your password" debug="false" server="your.mail.server" recipients="email-address.of.recipient"> <messageTemplate>/path/to/monitor-message.template</messageTemplate> <subjectTemplate>/path/to/monitor-subject.template</subjectTemplate> </mail> <logging logFileName="/path/to/logs/oa4mp-monitor.xml" logName="oa4mp" logSize="100000" logFileCount="2" debug="true"/> </client> </config>
A quick comment about the callback: the server will not get far enough in the delegation request to
actually every use this, however, a url that
has https as its protocol is a requirement from the server. For OAuth 2.0
based servers, the callback supplied must match one of the ones given at registration time or the initial
request will be rejected.
3. Run it once from the command line to see if it works by using the oa4mp-monitor script.
4. Setup a chron job or use monit or whatever tool you prefer to invoke oa4mp-server at some specific interval,
e.g. every 5 minutes. The monitor will send an email notification whenever an attempt to contact the server fails.