You can validate that the server components installed properly by opening ConsoleOne and browsing to the tree where you installed the SAML extension server schema extensions. You can create SAML extension server objects. See "Configuring SAML and ConsoleOne" in the SAML Extension for iChain Sample Site Setup Guide for details.
When you have completed creating the SAML extension server configuration in the directory, you can start the Tomcat servlet engine. Because the SAML extension Web application is installed into the Tomcat webapps directory, it should be automatically deployed. You can validate this by entering the following URL in a browser: http://address of SAML Extension Server/samlext/status. You should see a page that indicates the status of the SAML extension server. If you get a 404 error page, the application was not deployed.
This section addresses how to resolve common issues with your SAML extension server installation. The following topics are addressed:
The default Tomcat Java memory setting is too low for the SAML extension server to run consistently. This out-of-memory error is very common, and to resolve it, you need to manually increase your memory. Java only starts with 16MB allocated and uses up to a maximum of 64MB, no matter how much memory your server has. You can increase these values using command line parameters when Tomcat is started by Java.
Refreshing the browser page occasionally bypasses this error; however, if you cannot resolve the problem by refreshing the browser page, see the Novell Technical Information Document for instructions on how to increase your Java memory.
If you observe that the SAML extension server is showing poor performance, you might need to fine-tune your Apache Tomcat server. One method is to fine-tune the number of request processing threads.
At Tomcat server startup time, the Connector (as defined in the Tomcat server's server.xml file) creates a number of request processing threads (based on the value configured for the minProcessors attribute). Each incoming request requires a thread for the duration of that request. If more simultaneous requests are received than can be handled by the currently available request processing threads, additional threads are created, up to the configured maximum (the value of the maxProcessors attribute). If still more simultaneous requests are received, they are stacked up inside the server socket created by the Connector, up to the configured maximum (the value of the acceptCount attribute. Any further simultaneous requests will receive "connection refused" errors, until resources are available to process themTo increase the number of request processing threads, you can edit the Tomcat's server.xml (nwserver.xml on NW6 Tomcat33) and change the maxProcessors value of the Connector Section to suit your production environment. (If not specified, this attribute is set to 20.) The server.xml file is found in the CATALINA_HOME\conf (or TOMCAT_HOME\conf) folder and is as shown below:
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -->
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="8080" minProcessors="5" maxProcessors="75"
enableLookups="true" redirectPort="8443"
acceptCount="100" debug="0" connectionTimeout="20000"
useURIValidationHack="false" disableUploadTimeout="true" />