| Subcribe via RSS

Developer Tomcat Settings for Sailpoint IIQ Sandboxing

October 10th, 2011 Posted in IAM Development, IAM Engagement

Working on IAM projects and out on client sites for Qubera Solutions, our technical peeps all have developer sandboxes we use for prototyping, setting up read-only connectors to outlying systems (eg. PeopleSoft, AD, LDAP, JDBC connections, etc.), doing RBAC analysis and just about anything GRC related. We sandbox just about everything we can or run pre-configured VMware VMs on laptops outfitted with as much memory as we can. (My Macbook Pro is spiked out at 8gb RAM.)

Generally we use Tomcat for the app server piece but not always. None of this is earth-shattering news. Any developer or integrator of note at Any Company USA and around the world is going to have at least “A” sandbox running if not multiple. Just whether those sandboxes are configured and tweeked properly is going to be the only question, really.

As it relates to Sailpoint IIQ, first of all, me running a Macbook Pro, it’s technically “not supported.” But the IIQ deployment, like Oracle Waveset, is just a WAR. For the middleware piece (the DB layer aside), you essentially deploy a WAR, import your objects from XML, and you are off and running. Nevertheless, the “non-supported” aspect of a MacBook tended to rear its ugly head and I had frequent hangups in Tomcat until I tweeked a few things. It turns out setting my JAVA_OPTS to the following not only helps, but seems to be recommended from a trusted source. (I don’t have permission to credit here, much as I would like, so just take it for what it’s worth.)

I’ll “split this up” in a syntactically correct way so this doesn’t extend the page on the blog entry, but you can put these settings all on one line; hopefully that is obvious:

JAVA_OPTS="-server -Xms3072m -Xmx3072m -XX:NewSize=1024m -XX:MaxNewSize=1024m"
JAVA_OPTS="$JAVA_OPTS -XX:MaxPermSize=1024m -XX:CodeCacheMinimumFreeSpace=2M"
JAVA_OPTS="$JAVA_OPTS -XX:ReservedCodeCacheSize=64M"
JAVA_OPTS="$JAVA_OPTS -Dsun.lang.ClassLoader.allowArraySyntax=true"

Now if you’ve installed Sailpoint IIQ by following the installation guide, you’ll recognize that the sun.lang.ClassLoader.allowArraySyntax=true option is a holdover from the installation instructions and I’ve simply incorporated that setting into the recommended settings.

Go ahead and update your catalina.sh (or Windows equivalent .bat file) with those settings, restart Tomcat and see if that doesn’t suit you better? It does for me. Thus far, I haven’t had to restart Tomcat except in more rare and extreme cases. As always YMMV.

Comments are closed.