Chapter 8: Project Management
8.3 Other management issues and countermeasures
This section deals with more technical based issues encountered throughout the project progress during the primary prototype implementation as well as during the real time implementation. The code is the assignment and identification number of the issue. The impact degree on the project progress classified from 1 to 5 shows how long was the time taken to find the solution to a problem (where 1 represents less than one day and 5 over 5 days and over). All this aims to help the future workers to easily find the solution to the same issues or if possible avoid them by anticipation.
8.3.1 Primary implementation issues faced and solutions
The figure 43 presents the major problems encountered during the primary prototype implementation, their impact degree on the project advancement and countermeasures.
Code Concerned Area(s)/part(s) Issue Impact degree Solution I1 Java Runtime Environment
Issue when setting the JAVA_HOME environment variables due to a wrong enter of the JRE7 bin installation directory.
1 Copied and pasted
C:\Program Files\Java\jre7\bin to avoid typing mistakes
I2 Tomcat Failed to install Tomcat 6
because there was a
previous installation of
Tomcat 6 that had been uninstalled and it service was still present within windows services
1 Deleted the Tomcat 6
service within windows
services by running on command line
C:\>sc delete Tomcat 6
And obtained [sc] Delete
Service Success
I3 Tomcat Failed to start properly
Tomcat service after the installation and the
definition of JAVA_OPTS environment variables due to an error of launching the file Tomcat/Java
bootstrap.jar
1 Had to write -Xmx512m
instead of -Xmx512M Within the Java options.
I4 Tomcat & MS
Windows
Sometime failed to run Tomcat normally with the
error message Access is
1 Run Tomcat Monitor
(tomcat6w.exe) within Tomcat \bin directory as
Denied.
Unable to open the service 'Tomcat6'
administrator.
I5 Identity
Provider
Failed to install the IdP using the Microsoft installer shibboleth-
identityprovider-2.4.0.msi, due to windows internal error.
2 Proceeded with install.bat
within shibboleth- identityprovider-2.4.0- bin.zip, another installer package type
I6 Identity
Provider
Failed to continue with the IdP installation at the step of the hostname supply, due to the wrong format of
the hostname first
provided (localhost).
1 When installing the IdP, the
hostname has to fulfil the FQHN requirement rule. amlib.ac.uk has therefore been provided instead of localhost.
I7 Identity
Provider &
Tomcat
Error when testing if the IdP is running well within Tomcat at the first attempt due to a wrong
configuration applied on the file C:\Tomcat
6.0\conf\server.xml in the IdP
connector element.
1 The keystoreFile directory within the connector element had to be properly specified to match the IdP credentials directory set by the IdP installation.
I8 Identity
Provider
Failed to locate the java authentication file login.jsp
due to wrong specification syntax of the file path within the handler.xml
configuration file and precisely within the
LoginHandler element.
3 Within the LoginHandle
element, modified the
location path setting of java authentication file to file:C:/IDP/conf/login.config" (a special Oracle/Java requirement even if it is about a Windows environment) instead of file:C:\IDP\conf\login.config" as it
could normally be according to the Windows ‘slashes’ syntax
I9 Identity
Provider
After the configuration and customization of the IdP login portal, faced issues after the IdP installation update to apply the above configurations. In fact when proceeding to the installation update, the existing installation and configuration did not have to be overwritten
1 As the IdP initial
configurations were backed up, just needed to replace the modified configurations files (due to the new
installation) by the backed up configurations files. As note, during the IdP installation update, the existing installation and configurations should not be overwritten.
Provider & LDAP Server
to the LDAP server due to some precision errors within the IdP login.config
file.
previous key words spellings as follows: baseDN to base;
BindDn to principal;
BindCredential to ServiceCredential
I11 Service
Provider & IIS
Encountered error when checking if the SP has been installed well and is running properly, due to the directory of the ISAPI configuration to allow the communication with Shibboleth which has not been deployed
automatically during the SP installation
2 Manually pointed the
Shibboleth ISAPI compatibility element (isapi_shib.dll) to IIS by going to the IIS ISAPI Filters feature and adding the path to isapi_shib.dll.
I12 Service
Provider & Identity Provider
Failed to locate each entity metadata when testing the
communication between
the SP and the IdP
4 Instead of using any of the
http(s ) based metadata provider within the metadata elements, merely used the
Filesystem metadata provider
strategy consisting of getting each entity metadata
manually and placing it in each configuration directory, and indicating the metadata path within the metadata providers elements through the Filesystem metadata provider manner I13 Service Provider, Identity Provider & LDAP Servers Failed to authenticate users due to wrong configurations or no master, deployments issues of the first tested LDAP server (OpenLdap, OpenDS and Apache Directory Studio).
5 Finally got a suitable server
provider and opted for an LDAP server which is OpenDJ 2.7 I14 Service Provider, Identity Provider, Tomcat & OpenDj LDAP Server
Other issues due to words mistyping, special
characters missing (such as “\”,”/”, “<”, “>”, “‘”, “)”,” (“,” ;”,)
and more, Case sensitive incorrectness (mostly as Shibboleth is case sensitive and the used LDAP server not.
5 Had to check logs files to
identify the surrounding areas of mistakes and check the concerned .xml files and other file types in order to correct the mistakes. To avoid such types of mistakes within the next steps of the implementation had to concentrate when editing configuration files
and avoid to type when it is possible to copy and paste.
Figure 43: Primary prototype implementation issues and solutions
8.3.2 Real time implementation issues faced and solutions
The figure 44 presents the major problems encountered during the primary prototype implementation, their impact degree on the project advancement and countermeasures. Already knowing most types of possible issues and mistakes, it was easier to avoid them and as a result issues faced during the real time implementation were quite few compared to the primary implementation.
Code Concerned Area(s)/part(s) Issue Impact degree Solution I15 Tomcat/ Identity Provider
Failed to use the Identity Provider based certificate due to the wrong password provided within the
C:\Tomcat6.0\conf\server.xml,
in the connector element
1 Provided the right
password used during the IdP installation
I16 OpenDJ Incompatible with the
Operating System (Windows Server 2003) hosting Tomcat and the Identity Provider
2 Deployed OpenDJ
LDAP Server within the Operating system (Windows Server 2008) hosting the Service Provider.
I17 IIS7 & Service
Provider
Failed to launch ASP. NET applications with the error message ‘HTTP Error 403.14 - Forbidden
The Web server is configured to not list the contents of this directory’ becauseof a
missing configuration within IIS7/Windows Server 2008
1 Enabled the IIS
Directory Browsing
feature by
expanding the IIS Web sites, opening
Directory Browsing and enabling it in Actions
pane.
I18 IIS7 & Service
Provider
Failed to display ASP .NET applications due to the ASP .NET tools missing in IIS.
1 Installed ASP .NET
Tools and features through IIS Roles and Services pane.
I19 Identity
Provider, Service
Other mistakes on special characters typing and some words spelling.
2 Checked and
corrected the related files
Provider & Tomcat
Figure 44: Real time prototype implementation issues and solutions