Skip to Content.
Sympa Menu

shibboleth-dev - improvement/fix for Shibbolet on non-tomcat containers

Subject: Shibboleth Developers

List archive

improvement/fix for Shibbolet on non-tomcat containers


Chronological Thread 
  • From: "Simone Avogadro" <>
  • To:
  • Subject: improvement/fix for Shibbolet on non-tomcat containers
  • Date: Mon, 9 Jul 2007 15:07:24 +0200
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=J8tuoMRMu2o/uil5VYNuhp2kV5LMaeOqD39qBlJx2yxBB14Sd/m/IbbYPdNRGWtBZ4quDNpL406uhFw1nCo+Stg/u0PAZvGQTxlimms7HMMSW2V+HNCzMRXTKIU5dkAUJR6vSA+C3RfQWFDc3L6kkZuSZ7rITlA+OssEHqq46n4=

Hi there!
  I'm deploying shibboleth IdP in Caucho Resin 3.0.23 for one of the largest Italian universities, my objective is to produce a webapp which deploys and install flawlessly in Tomcat an Resin as well
  Our application servers host  multiple applications and rewriting Endorsed libs is a no-no option.
  Fortunately we do adopy Resin 3.0.23 + Java 5, as we do know this (Java5) implies that the endorsed libs is not needed to override xerces+xalan, however placing the jars in the WEb-INF/lib folder will not be enough.
  So i debugged the code and found the following solution, which works well for both resin and tomcat and, in a Java 5 environement, allows plain WAR deployment without having to fiddle around with the endorsed folder:
1 - add xalan/xerces jars to the WEB-INF/lib folder of the webapp
2 - add the following lines at the beginning of the init(ServletConfig) method of the edu.internet2.middleware.shibboleth.idp.IdPResponder class:
        super.init(servletConfig);

        System.setProperty("org.apache.xalan.extensions.bsf.BSFManager","org.apache.bsf.BSFManager");
        System.setProperty("org.apache.xml.dtm.DTMManager","org.apache.xml.dtm.ref.DTMManagerDefault");
        System.setProperty("javax.xml.transform.TransformerFactory","org.apache.xalan.processor.TransformerFactoryImpl ");
        System.setProperty("javax.xml.xpath.XPathFactory","org.apache.xpath.jaxp.XPathFactoryImpl ");
        System.setProperty("javax.xml.datatype.DatatypeFactory","org.apache.xerces.jaxp.datatype.DatatypeFactoryImpl ");
        System.setProperty("javax.xml.parsers.DocumentBuilderFactory","org.apache.xerces.jaxp.DocumentBuilderFactoryImpl ");
        System.setProperty("org.w3c.dom.DOMImplementationSourceList","org.apache.xerces.dom.DOMXSImplementationSourceImpl ");
        System.setProperty("org.xml.sax.driver","org.apache.xerces.parsers.SAXParser");
        System.setProperty("javax.xml.parsers.SAXParserFactory","org.apache.xerces.jaxp.SAXParserFactoryImpl ");
        System.setProperty("javax.xml.validation.SchemaFactory","org.apache.xerces.jaxp.validation.XMLSchemaFactory ");


 as you might notice the system properties are exactly the ones which are set by the Xerces/Xalan bundle, so they don't harm if you prefer to stick to the endorsed folder solution

 hope this helps with broader appserver compatibility

   greets,
         -Simone Avogadro


p.s.: I also noticed that the java build is done agains log4j-1.2.14 while the webapp is deployed together with log4j-1.2.5, which seems unusual...


  • improvement/fix for Shibbolet on non-tomcat containers, Simone Avogadro, 07/09/2007

Archive powered by MHonArc 2.6.16.

Top of Page