The purpose of this document is to install and validate the (global) mAP environment.
The following environment is required for installing mAP.
Table 2‑1 Required Software
| Software Name | Version | Notes |
|---|---|---|
| CentOS (64bit) | 7.9 | Operating System |
| Shibboleth-SP | 3.4.1 | Service Provider |
| Shibboleth-IdP | 4.1.7 | Identity Provider |
| Apache HTTP Server | 2.4 (*1) | Web Server |
| Java | OpenJDK 11.0.19 (*1) | IdP Executable Environment |
| Jetty | 9.4.51 | Servlet Container |
| MySQL | 5.7.38 | Relational Database |
| Postfix | 2.10 (*1) | Mail Transfer Agent |
| PHP | 5.4.16 (*1) | Programming Language |
*1 Latest version of yum package as of 2023/05/18
This software will be used in the following structure:
Please install Shibboleth SP while referring to the install guide.
Shibboleth SP Install Guide
https://meatwiki.nii.ac.jp/confluence/display/GakuNinShibInstallen/SP+Install
In addition to Shibboleth SP, Apache, mod_ssl and NTP should be installed at the same time. Please set up these components as well.
Please install Shibboleth IdP while referring to the install guide.
Shibboleth IdP Install Guide
https://meatwiki.nii.ac.jp/confluence/display/GakuNinShibInstallen/IdP+Install+Manual
In addition to Shibboleth IdP, Java and Jetty should be installed as well. Please set up these components as well.
Install MariaDB by using the following commands.
$ sudo yum localinstall http://dev.mysql.com/get/mysql57-community-release-el7-7.noarch.rpm
$ sudo rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022
$ sudo yum install mysql-community-server
* If MySQL has already been installed as an initial component, you can skip this process.
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
symbolic-links=0

old_passwords=1
character-set-server=utf8

[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

[mysql]
default-character-set=utf8
$ sudo systemctl start mysqld.service
$ sudo systemctl enable mysqld.service
$ mysql -u root
CREATE DATABASE vo;
GRANT INSERT, SELECT, UPDATE, DELETE ON vo.* TO 'vouser'@'localhost' IDENTIFIED BY 'YOUR OWN PASSWORD';
Please install PHP by using the following commands.
$ sudo yum install php
$ sudo yum install php-devel php-gd php-mbstring php-pdo
$ sudo yum install php-mysql php-xml
$ sudo systemctl restart httpd.service
Add the timezone in /etc/php.ini. The parameter “Asia/Tokyo” should be changed depending on your local time.
date.timezone = "Asia/Tokyo"
Please install and set up a mail server by using Postfix or Sendmail. The following instructions are for Postfix.
$ sudo yum install postfix
Please modify the parameters depending on your local environment.
/etc/postfix/main.cf
$ sudo systemctl start postfix.service
$ sudo systemctl enable postfix.service
The Shibboleth SP which was installed in section 4 will be configured for the Attribute Provider.
Please contact GakuNin Office if authentication is requested.
attribute-map.xml
Add the following line or make sure the isMemberOf attribute is recognized.
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.5.1.1" id="isMemberOf"/>
attribute-policy.xml
Add the following rule before the attributeID="*" line.
<!-- isMemberOf -->
<afp:AttributeRule attributeID="isMemberOf">
    <afp:PermitValueRule xsi:type="AttributeIssuerString" value="https://[Host Name of the SP]/idp/shibboleth"/>
</afp:AttributeRule>
Modify “[Host Name of the SP]” to this server's host name.
shibboleth2.xml
Add MetadataProvider.
<!-- Example of locally maintained metadata. -->
<!-- Metadata of this IdP -->
<MetadataProvider type="XML" file="/opt/shibboleth-idp/metadata/idp-metadata.xml"/>
And add the SimpleAggregation AttributeResolver after the <AttributeResolver type="Query" subjectMatch="true"/> line.
<!-- Uses eduPersonPrincipalName from IdP to query, and asks for isMemberOf. -->
<AttributeResolver type="SimpleAggregation" attributeId="eppn" format="urn:oid:1.3.6.1.4.1.5923.1.1.1.6">
    <Entity>https://[Host Name of the IdP]/idp/shibboleth</Entity>
</AttributeResolver>
Modify “[Host Name of the IdP]” to this server's host name.
app/views/pages/home.ctp
$ sudo mkdir /var/www/html/secure
$ unzip index.zip
$ sudo cp index.php /var/www/html/secure/attr.php
$ sudo mkdir /var/www/html/js
$ sudo cp embedded-wayf_config.js /var/www/html/js/.
$ sudo systemctl restart shibd.service
$ sudo systemctl restart httpd.service
The Shibboleth IdP which was installed in section 5 will be configured for the Attribute Provider.
Please contact GakuNin Office if authentication is required.
https://mariadb.com/my_portal/download/java-client
Please download trustany-ssl-1.0.x.jar from wiki.shibboleth.net:
relying-party.xml
Add a MetadataProvider for the SPs which utilize this mAP system.
<metadata:MetadataProvider id="SP" xsi:type="metadata:ResourceBackedMetadataProvider">
    <metadata:MetadataResource xsi:type="resource:FilesystemResource" file="/etc/shibboleth/metadata/sp-metadata.xml" />
</metadata:MetadataProvider>
Back Up First
$ cd /opt/shibboleth-idp/conf
$ sudo cp attribute-filter.xml attribute-filter.xml.bk
$ sudo cp attribute-resolver.xml attribute-resolver.xml.bk
Then Copy
$ cd
$ sudo cp attribute-filter.xml /opt/shibboleth-idp/conf/.
$ sudo cp attribute-resolver.xml /opt/shibboleth-idp/conf/.
$ sudo cp mariadb-java-client-1.3.x.jar \
    [TOMCAT install directory]/webapps/idp/WEB-INF/lib/.
$ sudo cp mariadb-java-client-1.3.x.jar /opt/shibboleth-idp/lib/.
Create the table for StoredID in the MariaDB database.
https://meatwiki.nii.ac.jp/confluence/display/GakuNinShibInstall/StoredID
“4. Create table in the database (In case of MariaDB)”
$ mysql -u root vo
mysql> put SQL commands here.
$ sudo cp trustany-ssl-1.0.x.jar [TOMCAT install directory]/lib/.
Configure the back channel by referring to the following instructions.
Create credential
# cd /opt/shibboleth-idp/credentials
# UMASKORIG="`umask`" ; umask 0077
# openssl pkcs12 -export -out server.p12 -in idp.crt -inkey idp.key -name HOST-NAME-OF-THIS-SERVER
Enter Export Password: YOUR-OWN-PASSWORD
Verifying - Enter Export Password: YOUR-OWN-PASSWORD
# umask "$UMASKORIG"
* These instructions assume that the IdP certificate and key are named idp.crt and idp.key respectively.
Enable port 8443 in server.xml, the Tomcat configuration file.
server.xml can be found in the following location if Tomcat was installed by using yum.
/usr/share/tomcat/conf/server.xml
Add the following configuration.
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true" scheme="https"
           maxPostSize="100000" secure="true" clientAuth="want"
           sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
           keystoreFile="/opt/shibboleth-idp/credentials/server.p12"
           keystorePass="YOUR-OWN-PASSWORD" keystoreType="PKCS12"
           trustManagerClassName="net.shibboleth.utilities.ssl.TrustAnyCertificate" />
$ sudo systemctl restart tomcat.service
Restart the SP as well in order to include the metadata of the newly configured IdP.
$ sudo systemctl restart shibd.service
$ sudo systemctl restart httpd.service
$ unzip cloudgateway-1.0.zip
$ sudo mv map /usr/local/.
# Announce Information
$ cd /usr/local/map
$ mkdir -p app/webroot/tmp/
$ touch app/webroot/tmp/announce.txt
$ sudo chown -R apache.apache app/webroot/tmp
# Adjust permissions
$ sudo chown -R apache.apache /usr/local/map/app/tmp
$ sudo chmod +x /usr/local/map/cake/console/cake
$ sudo chmod +x /usr/local/map/app/vendors/shells/*.php
$ sudo chmod -R 777 /usr/local/map/app/tmp/cache
# Deletion of Log Files and Cache Files
$ sudo rm -rf app/tmp/cache/models/*
$ sudo rm -rf app/tmp/cache/persistent/*
$ sudo rm -rf app/tmp/cache/views/*
$ sudo rm -rf app/tmp/logs/*
# Copy of Configuration Files
$ cp app/config/database.template.php app/config/database.php
$ cp app/config/core.template.php app/config/core.php
# Put random data on 'Security.salt' and 'Security.cipherSeed' in core.php.
$ vi app/config/core.php
# Deletion of Files for Development (if exist)
$ rm app/config/local.php
Include the following configuration in /etc/httpd/conf/httpd.conf
<VirtualHost _default_:80>
    Redirect permanent / https://[HOST-NAME-OF-THIS-SERVER]/
</VirtualHost>

Alias /map "/usr/local/map"
<Directory "/usr/local/map">
    Order allow,deny
    Allow from all
    Options ExecCGI FollowSymLinks
    AllowOverride All
</Directory>

<Location "/map">
    AuthType shibboleth
    ShibRequestSetting requireSession 0
    require shibboleth
</Location>
$ sudo systemctl restart httpd.service
$ mysql -u root vo < /usr/local/map/ddl/ddl.sql
$ mysql -u root vo < /usr/local/map/ddl/alter.sql
$ mysql -u root vo < /usr/local/map/ddl/index.sql
$ mysql -u root vo < /usr/local/map/ddl/init_system_admin.sql
$ mysql -u root vo
Open /usr/local/map/ddl/stored_procedure.sql and copy & paste the contents.
Registration of System Administrator
Create a new account by accessing the following URL.
https://HOST-NAME-OF-THIS-SERVER/map/
After selecting the IdP and logging in, create a new account.
Register the Administrator of the Database.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> select id,name,mail from accounts;
Find your ID with the above command, and then execute the following SQL with your ID.
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(YOUR-ACCOUNT-ID, 1, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
Example)
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 1, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
The following commands register the organizations which are members of the federation.
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app organization /var/cache/shibboleth/federation-metadata.xml
The following commands register the SP administrators.
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app sp_administrator /path/to/somewhere/sp_administrator.tsv
/path/to/somewhere/sp_administrator.tsv must be created in the format below.
#Example
#eppn	eptid	entityID
XXX@nii.ac.jp		https://test-sp.gakunin.nii.ac.jp/shibboleth-sp
The following commands register the information of the SPs which are members of the federation.
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app sp_host /var/cache/shibboleth/federation-metadata.xml
The following commands register the IdP groups which are members of the federation.
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app idp_group_creator /var/cache/shibboleth/federation-metadata.xml
The following commands register the IdP groups which are members of the federation.
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app sp_connector_creator /var/cache/shibboleth/federation-metadata.xml test-map
Notify the administrator when applying to join the group.
/usr/local/map/shell/map_inspect
Modify the URL for your servers.
# example
wget --spider --no-check-certificate "https://localhost/map/batch_inspects/batch?mapurl=https%3a%2f%2fcg%2egakunin%2ejp%2fmap%2f" > /dev/null 2>&1
Set crontab for /usr/cron.d/map_inspect
# example) Notify every 10 minutes
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
01,11,21,31,41,51 * * * * root /usr/local/map/shell/map_inspect
Access the following URL and confirm that the authentication page is displayed.
https://HOST-NAME-OF-THIS-SERVER/secure/attr.php
After integrating the metadata of this IdP into the related SPs and enabling the SimpleAggregation AttributeResolver, you can run the connection test.
If you want to run on multiple servers, set the following.
/usr/local/map/app/config/database.php
In 'host' => '', set the host of the database server.
@@ -76,= 9 +76,9 @@ var $default =3D array( 'driver' =3D> 'mysql', 'persistent' =3D> false, - 'host' =3D> 'localhost', + 'host' =3D> 'YOUR-DATABASE-SERVER', 'login' =3D> 'vouser', 'password' =3D> 'xxxxx', 'database' =3D> 'vo',
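Review bot: The changed 'host' line points the application at 'YOUR-DATABASE-SERVER', but the only grant this guide creates is for 'vouser'@'localhost', so connections from the application servers will be refused until vouser is also granted from each application server's address. Suggest documenting that GRANT next to this change, naming the specific application hosts rather than a wildcard, and noting that the 'password' value in the context lines is stored in clear text in database.php, so the file should be readable only by the web server account.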
/usr/local/map/app/config/core.php
Configure to use a database to store the session.
@@ -124= ,7 +124,7 @@ * the cake shell command: cake schema create Sessions * */ - Configure::write('Session.save', 'map'); + Configure::write('Session.save', 'database'); /** * The model name to be used for the session model. @@ -133,7 +133,7 @@ * * The model name set here should *not* be used elsewhere in your applicat= ion. */ - //Configure::write('Session.model', 'Session'); + Configure::write('Session.model', 'Session'); /** * The name of the table used to store CakePHP database sessions. @@ -147,14 +147,14 @@ * * [Note: Session.table is deprecated as of CakePHP 1.3] */ - //Configure::write('Session.table', 'cake_sessions'); + Configure::write('Session.table', 'cake_sessions'); /** * The DATABASE_CONFIG::$var to use for database session handling. * * 'Session.save' must be set to 'database' in order to utilize this const= ant. */ - //Configure::write('Session.database', 'default'); + Configure::write('Session.database', 'default');
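Review bot: In the third hunk, Configure::write('Session.table', 'cake_sessions') is uncommented even though the comment directly above it says Session.table is deprecated as of CakePHP 1.3, and the second hunk already enables Session.model. Suggest leaving Session.table commented out unless it is actually required, or adding a line explaining why both are set. The context of the first hunk also refers to creating the table with "cake schema create Sessions", so the switch of Session.save to 'database' should only be deployed once that table exists.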
/usr/local/map/cake/libs/cake_session.php
Set the value of 'session.cookie_lifetime' to 0 if the cookie should be deleted when the browser is closed.
@@ -513= ,7 +513,7 @@ class CakeSession extends Object { ini_set('session.serialize_= handler', 'php'); ini_set('session.use_cookie= s', 1); ini_set('session.name', Con= figure::read('Session.cookie')); - ini_set('session.cookie_lif= etime', $this->cookieLifeTime); + ini_set('session.cookie_lif= etime', 0); ini_set('session.cookie_pat= h', $this->path); ini_set('session.auto_start= ', 0); }
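Review bot: Replacing $this->cookieLifeTime with a literal 0 in the ini_set('session.cookie_lifetime', ...) call hard-codes the value inside the CakeSession class, so the object's cookieLifeTime no longer has any effect at this call, and the edit lives in the library file cake/libs/cake_session.php rather than in the application configuration. Suggest setting the lifetime where cookieLifeTime is assigned, or at minimum adding a comment on the changed line marking it as a local modification so it is not silently lost when the library file is replaced.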
$ cd /usr/local/map/cake/console
$ ./cake schema create sessions
/opt/shibboleth-idp/conf/attribute-resolver.xml
Modify the host part of the jdbcURL in <dc:ApplicationManagedConnection> elements.
/etc/shibboleth/shibboleth2.xml
Add the <TCPListener> element. Please see the URL below for more information on <TCPListener>.
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPTCPListener
If you would like to register an SP which is not a member of the federation, it’s easy to add the SP to /var/cache/shibboleth/federation-metadata.xml and then execute the above command.
Register the SP Administrator in the Database.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> insert into sp_administrators(eppn, host_name, entityid, created)
values('YOUR-ePPN', 'HOST-NAME-OF-UTILIZED-SP',
'ENTITY-ID-OF-UTILIZED-SP', UTC_TIMESTAMP());
Example 1) Registration for researchmap and kyouindb
mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
values('xxxx@kyoto-u.ac.jp', 'researchmap.jp', 'https://researchmap.jp/shibboleth-sp', UTC_TIMESTAMP());
mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
values('xxxx@kyoto-u.ac.jp', 'kyouindb.iimc.kyoto-u.ac.jp', \
'https://kyouindb.iimc.kyoto-u.ac.jp/shibboleth-sp', UTC_TIMESTAMP());
Example 2) Registration for test-meatmail.nii.ac.jp and test-map-sp1.nii.ac.jp
mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
values('xxxxxx@ebook-idp.nii.ac.jp', 'test-meatmail.nii.ac.jp', \
'https://test-meatmail.nii.ac.jp/shibboleth-sp', UTC_TIMESTAMP());
mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
values('xxxxxx@ebook-idp.nii.ac.jp', 'test-map-sp1.nii.ac.jp', \
'https://test-map-sp1.nii.ac.jp/shibboleth-sp', UTC_TIMESTAMP());
Create the SP Connector of the utilized SP by executing the following SQL.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,\
created,modified) values('GROUP-KEY', 'SERVICE-NAME', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
Example 1) Researchmap and kyouindb
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
values('researchmap', 'Researchmap', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
values('kyouindb', 'kyouindb', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
Example 2) test-meatmail.nii.ac.jp and test-map-sp1.nii.ac.jp
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
values('test-meatmail.nii.ac.jp', 'test-meatmail.nii.ac.jp', '', \
0, 1, 1, 1, 0, 2, 0, 2, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
values('test-map-sp1.nii.ac.jp', 'test-map-sp1.nii.ac.jp', '', \
0, 1, 1, 1, 0, 2, 0, 2, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
Register the administrator of the SP Connector in the database.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> select id,name,mail from accounts;
mysql> select id,group_key,name from groups where sp=1;
Find your ID and the Group table ID with the search commands above, and then put them in "YOUR-ACCOUNT-ID" and "GroupID" in the following SQL.
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(YOUR-ACCOUNT-ID, GroupID, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
Example) In case of creating 3 SP Connectors
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 2, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 3, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 4, 1, UTC_TIMESTAMP(), UTC_TIMESTAMP());
Connect SP Connector and SP by executing the following SQL.
$ mysql= -u vouser vo -pYOUR-OWN-PASSWORD Search utilizes SP Connector ID. mysql> select id, name from groups where sp =3D 1; Search utilizes SP ID mysql> select id, name from sp_hosts; Based on the search result, register connecting information between SP Conn= ector and SP. insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_= name) \ values(SP-CONNECTOR-ID, SP-ID, 'SERVICE-URL', UTC_TIMESTAMP(),UTC_TIMESTAMP= (), 'SERVICE-NAME'); =E3=83=BBSP Connector ID=EF=BC=9AID of groups table =E3=83=BBSP ID=EF=BC=9AID of sp_hosts table Example1=EF=BC=89Researchmap and kyouindb mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modifie= d,service_name) \ values(2, 3, 'http://researchmap.jp/', UTC_TIMESTAMP(),UTC_TIMESTAMP(), 'Re= searchmap'); mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modifie= d,service_name) \ values(3, 15, 'http://kyouindb.iimc.kyoto-u.ac.jp/', UTC_TIMESTAMP(),UTC_TI= MESTAMP(), 'kyouindb'); Example2=EF=BC=89test-meatmail.nii.ac.jp and test-map-sp1.nii.ac.jp mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modifie= d,service_name) \ values(2, 80, 'https://test-meatmail.nii.ac.jp/', UTC_TIMESTAMP(),UTC_TIMES= TAMP(), 'Test-MeatMail'); mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modifie= d,service_name) \ values(3, 175, 'https://test-map-sp1.nii.ac.jp/', UTC_TIMESTAMP(),UTC_TIMES= TAMP(), 'Test-mAP-SP1');
This enables users to utilize an SP (e.g. Researchmap, kyouindb) by connecting the SP Connector automatically when the user creates a new group.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
Obtain the ID by searching for the SP Connector.
mysql> select id, name from groups where sp = 1;
Set the found ID in the following SQL and then execute it.
mysql> insert into sp_auto_connectors(groupid,created) values(FOUND-ID, UTC_TIMESTAMP());
Example)
mysql> insert into sp_auto_connectors(groupid,created) values(2, UTC_TIMESTAMP());
mysql> insert into sp_auto_connectors(groupid,created) values(3, UTC_TIMESTAMP());
Set the consent information which will be utilized by the SP Connector.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
Obtain the ID by searching for the SP Connector.
mysql> select id, name from groups where sp = 1;
Set the ID of the SP Connector in the following SQL and then execute it.
mysql> insert into provide_attributes(group_id,ismemberof,eptid,name,mail,idp,introduction,\
language,organization,created,modified) values(FOUND-ID, 1, 1, 1, 1, 1, 1, 1, 1, UTC_TIMESTAMP(),UTC_TIMESTAMP());
Example)
select id, name from groups where sp = 1;
+----+-------------------------+
| id | name                    |
+----+-------------------------+
|  2 | xxxxxxx                 |
|  3 | yyyyyyy                 |
|  4 | zzzzzzz                 |
mysql> insert into provide_attributes(group_id,ismemberof,eptid,name,mail,idp,introduction,\
language,organization,created,modified) values(2, 1, 1, 1, 1, 1, 1, 1, 1, UTC_TIMESTAMP(),UTC_TIMESTAMP());
mysql> insert into provide_attributes(group_id,ismemberof,eptid,name,mail,idp,introduction,\
language,organization,created,modified) values(3, 1, 1, 1, 1, 1, 1, 1, 1, UTC_TIMESTAMP(),UTC_TIMESTAMP());
mysql> insert into provide_attributes(group_id,ismemberof,eptid,name,mail,idp,introduction,\
language,organization,created,modified) values(4, 1, 1, 1, 1, 1, 1, 1, 1, UTC_TIMESTAMP(),UTC_TIMESTAMP());
If data already exists in an existing database, it can be imported by means of a TSV file.
The format of the TSV is as follows.
Note that the display name has to be within 50 characters.
LOCAL-ID(SPS-ID)<<TAB>>ePPN<<TAB>>DISPLAY-NAME(NAME) ...
The import command is as follows.
$ export TERM=vt100
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app kyoto_u_ac_jp_import [TSV-FILE-NAME] [IdP-ENTITY-ID]
Example 1) Normal Execution
$ export TERM=vt100
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app kyoto_u_ac_jp_import \
/var/local/map/tmp/kyoto-u.ac.jp.sample.tsv \
https://authidp1.iimc.kyoto-u.ac.jp/idp/shibboleth
Example 2) Send Email after Execution
$ export TERM=vt100
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app kyoto_u_ac_jp_import \
/var/local/map/tmp/kyoto-u.ac.jp.sample.tsv \
https://authidp1.iimc.kyoto-u.ac.jp/idp/shibboleth | mail -s "Import Result" EMAIL-ADDRESS
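
A pre-flight check for the two TSV inputs described on this page (sp_administrator.tsv and the user import file), given here as an added example that is not part of the mAP distribution or the original guide. The field order and the 50-character display-name limit come from the page; the function names, the treatment of "#" lines as comments, and the user@scope test on ePPN are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight checks for the two TSV inputs this page describes.
# Function names and message wording are illustrative, not part of mAP.

# check_import_tsv FILE
#   Row format from the page: LOCAL-ID <TAB> ePPN <TAB> DISPLAY-NAME, with the
#   display name within 50 characters.
#   Assumption: an ePPN is scoped (exactly one "@", text on both sides).
#   length() counts characters only in a multibyte-aware awk under a UTF-8
#   locale; elsewhere it counts bytes, which errs on the strict side.
check_import_tsv() {
    awk -F '\t' '
        function scoped(s,   p) {
            return split(s, p, "@") == 2 && p[1] != "" && p[2] != ""
        }
        $0 == ""        { next }
        /\r$/           { printf "line %d: CRLF line ending\n", NR; bad = 1; next }
        NF != 3         { printf "line %d: expected 3 fields, found %d\n", NR, NF; bad = 1; next }
        $1 == ""        { printf "line %d: empty LOCAL-ID\n", NR; bad = 1 }
        !scoped($2)     { printf "line %d: ePPN is not user@scope\n", NR; bad = 1 }
        $3 == ""        { printf "line %d: empty display name\n", NR; bad = 1 }
        length($3) > 50 { printf "line %d: display name has %d characters\n", NR, length($3); bad = 1 }
        END             { exit bad + 0 }
    ' "$1"
}

# check_sp_admin_tsv FILE
#   Row format from the page: eppn <TAB> eptid <TAB> entityID (the sample row
#   on the page leaves eptid empty).
#   Assumptions: lines starting with "#" are comments, entityID is required,
#   and each row carries at least one of eppn / eptid.
check_sp_admin_tsv() {
    awk -F '\t' '
        function scoped(s,   p) {
            return split(s, p, "@") == 2 && p[1] != "" && p[2] != ""
        }
        /^#/ || $0 == ""        { next }
        NF != 3                 { printf "line %d: expected 3 fields, found %d\n", NR, NF; bad = 1; next }
        $1 == "" && $2 == ""    { printf "line %d: neither eppn nor eptid given\n", NR; bad = 1 }
        $1 != "" && !scoped($1) { printf "line %d: eppn is not user@scope\n", NR; bad = 1 }
        $3 == ""                { printf "line %d: empty entityID\n", NR; bad = 1 }
        END                     { exit bad + 0 }
    ' "$1"
}

# Constructed sample rows (not real accounts); row 2 has a 51-character name.
sample=$(mktemp)
long=$(awk 'BEGIN { while (i++ < 51) printf "x" }')
printf '1001\talice@example.ac.jp\tAlice Example\n'  > "$sample"
printf '1002\tbob@example.ac.jp\t%s\n' "$long"      >> "$sample"
check_import_tsv "$sample" || echo "fix the rows above before running the import"
rm -f "$sample"
```

Both functions return non-zero when any row is rejected, so they can gate the cake import and sp_administrator commands in a wrapper script.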