32.3.25 Issue in Generating WS-Federation Claim for SharePoint 2010 On Windows

When Access Manager is installed on Windows 2012 and uses a SharePoint 2010 WS-Federation service provider to build a trust relationship with Identity Server, users get a 500 internal error while trying to log in to SharePoint 2010.

This error occurs because Access Manager does not find the method to generate the SharePoint claim after authenticating the user at Identity Server.

To resolve this issue, perform the following steps:

  1. Navigate to C:\Program Files\Novell\Tomcat\bin.

  2. Open the tomcat8w file.

  3. Navigate to the Java tab.

  4. Search for the following Java Options placeholder:

    -Djava.endorsed.dirs=C:\PROGRA~2\Novell\Tomcat\common\endorsed

  5. Modify this option as follows:

    -Djava.endorsed.dirs=C:\PROGRA~2\Novell\Tomcat\endorsed

NOTE: Check for the endorsed folder in Tomcat (Catalina Home). This folder should contain stax-api-1.0.1.jar, serializer.jar, xalan.jar, xercesImpl.jar, and xml-apis.jar.
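
The following PowerShell check is an added example, not part of the product documentation. It confirms that the modified option no longer points at `common\endorsed` and that the target folder holds the five jars listed in the note. The function names are hypothetical, and the script assumes that you paste the contents of the Java Options box into it and that the option names a single directory, as shown in the steps above.

```powershell
# Added example: validate the endorsed-directory setting after the change.
# Jar names come from the NOTE above; function names are hypothetical.
$RequiredJars = 'stax-api-1.0.1.jar', 'serializer.jar', 'xalan.jar',
                'xercesImpl.jar', 'xml-apis.jar'

function Get-EndorsedDir {
    param([string[]]$JavaOptions)
    # Emit the value of every -Djava.endorsed.dirs option found.
    foreach ($line in $JavaOptions) {
        if ($line.Trim() -match '^-Djava\.endorsed\.dirs=(.+)$') {
            $Matches[1].Trim('"')
        }
    }
}

function Test-EndorsedDir {
    param([string[]]$JavaOptions)
    $dirs = @(Get-EndorsedDir -JavaOptions $JavaOptions)
    if ($dirs.Count -ne 1) {
        Write-Warning "Expected exactly one -Djava.endorsed.dirs option, found $($dirs.Count)."
        return $false
    }
    $dir = $dirs[0]
    if ($dir -match '\\common\\endorsed\\?$') {
        Write-Warning "Option still points at the old location: $dir"
        return $false
    }
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        Write-Warning "Directory does not exist: $dir"
        return $false
    }
    # Collect any required jar that is absent from the endorsed folder.
    $missing = @($RequiredJars | Where-Object {
        -not (Test-Path -LiteralPath (Join-Path $dir $_) -PathType Leaf)
    })
    if ($missing.Count -gt 0) {
        Write-Warning "Missing from ${dir}: $($missing -join ', ')"
        return $false
    }
    Write-Host "OK: $dir contains all required jars."
    return $true
}

# Paste the contents of the Java Options box here, one option per line.
$pasted = @'
-Djava.endorsed.dirs=C:\PROGRA~2\Novell\Tomcat\endorsed
'@ -split "`r?`n"

Test-EndorsedDir -JavaOptions $pasted
```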