...

Code Block
<Context docBase="idp.home/war/idp.war"
         privileged="true"
         antiResourceLocking="false"
         swallowOutput="true">

    <!-- Work around lack of Max-Age support in IE/Edge for Tomcat 8.0.x -->
    <CookieProcessor alwaysAddExpires="true" />

</Context>
Info

The above <CookieProcessor> line is only for Tomcat 8.0.x. It is safe to remove that line on other versions.

  • Tomcat listens on ports 8080 and 8443 for user-facing web traffic by default. You will most likely need to modify these ports to 80 and 443 in CATALINA_BASE/conf/server.xml, and make arrangements for Tomcat to run as root, use a port forwarding approach, or rely on some other solution, cf. IdPLinuxNonRoot and IdPLinuxNonRootDebianUbuntu.
  • Tomcat does not provide the Java Server Tag Library, which is required to use JSP pages as Spring views. The IdP status page at /idp/status is built with JSP and will not work without this library. You can download it from our Maven repository here (asc), place it into idp.home/edit-webapp/WEB-INF/lib/, then change to idp.home and run ./bin/build.sh (or build.bat, depending on your platform).
    More details can be found at http://stackoverflow.com/tags/jstl/info
  • Add the following parameters to the CATALINA_OPTS environment variable. On Windows, the CATALINA_OPTS variable can be set via the "Manage Tomcat" application in the "Java" tab; on other systems, the file bin/setenv.sh can be created to set variables during startup:
    • If you chose to install to a location other than the default (/opt/shibboleth-idp):
      • -Didp.home=<location> (replacing <location> with your install location)
        Note: On Windows, in versions prior to 3.2.0, if the install location contains a space you have to provide the short name (-Didp.home=c:\progra~1\Path\To\Install). This is best achieved by using the tomcatw.exe program.
      • In V3.1.2 or later, idp.home can instead be set as a context parameter in web.xml (copy web.xml to edit-webapp, add the parameter, then rebuild the war using the build command):

        Code Block
            <context-param>
                <param-name>idp.home</param-name>
                <param-value>J:/Downloads/Shibboleth/IdP</param-value>
            </context-param>
    • -XX:+UseG1GC - enables an alternate garbage collector that reduces memory usage with larger metadata files
    • -Xmx1500m - the maximum amount of memory that Tomcat may use. At least 1.5G is recommended for handling larger (> 25M) metadata files, but you will need to test with your particular metadata configuration.
    • -XX:MaxPermSize=128m - the maximum amount of memory allowed for the permanent generation object space (this setting applies only to Java 7)
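
The following bin/setenv.sh is an added example, not part of the original page or the Shibboleth project's own files. It assembles the CATALINA_OPTS values listed above, adding -XX:MaxPermSize only on Java 7 and -Didp.home only for a non-default install location. The function names and the IDP_HOME variable are assumptions of this example.

```shell
#!/bin/sh
# Example CATALINA_BASE/bin/setenv.sh (added example; names below are hypothetical).

DEFAULT_IDP_HOME="/opt/shibboleth-idp"   # default install location named on this page

# Extract the Java major version from `java -version` output,
# e.g. 'java version "1.7.0_80"' -> 7, 'openjdk version "11.0.2"' -> 11.
java_major() {
    ver=$(printf '%s\n' "$1" | sed -n 's/.*version "\([^"]*\)".*/\1/p' | head -n 1)
    case "$ver" in
        1.*) ver=${ver#1.} ;;            # legacy 1.x numbering: 1.7 means Java 7
    esac
    printf '%s\n' "${ver%%[!0-9]*}"      # keep only the leading digits
}

# Print the options for a given install location and Java major version.
build_idp_catalina_opts() {
    idp_home=$1
    major=$2
    case "$idp_home" in
        *[[:space:]]*)
            # This example does not attempt to quote paths containing whitespace.
            echo "idp.home containing whitespace is not handled by this example" >&2
            return 1 ;;
    esac
    opts="-XX:+UseG1GC -Xmx1500m"
    # The permanent generation setting applies only to Java 7.
    if [ "$major" = "7" ]; then
        opts="$opts -XX:MaxPermSize=128m"
    fi
    # -Didp.home is only needed when the install location is not the default.
    if [ -n "$idp_home" ] && [ "${idp_home%/}" != "$DEFAULT_IDP_HOME" ]; then
        opts="-Didp.home=$idp_home $opts"
    fi
    printf '%s\n' "$opts"
}

# IDP_HOME is this example's own variable, not one Tomcat or the IdP reads.
IDP_HOME=${IDP_HOME:-$DEFAULT_IDP_HOME}
JAVA_BIN=${JAVA_HOME:+$JAVA_HOME/bin/}java
JAVA_VERSION_OUTPUT=$("$JAVA_BIN" -version 2>&1 || true)
IDP_OPTS=$(build_idp_catalina_opts "$IDP_HOME" "$(java_major "$JAVA_VERSION_OUTPUT")")
CATALINA_OPTS="${CATALINA_OPTS:+$CATALINA_OPTS }$IDP_OPTS"
export CATALINA_OPTS
```
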

...