Date: Fri, 29 Mar 2024 19:43:37 +0900 (JST) Message-ID: <250618669.2063.1711709017681@meatwiki.nii.ac.jp> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_2062_1055118195.1711709017681" ------=_Part_2062_1055118195.1711709017681 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
LDAP=E3=82=92=E5=88=A9=E7=94=A8=E3=81=97=E3=81=9FID/=E3=83=91=E3=82=B9= =E3=83=AF=E3=83=BC=E3=83=89=E8=AA=8D=E8=A8=BC=E3=81=AE=E4=BB=96=E3=81=AB=E3= =80=81=E6=A7=98=E3=80=85=E3=81=AA=E8=AA=8D=E8=A8=BC=E6=96=B9=E6=B3=95=E3=82= =92=E5=88=A9=E7=94=A8=E3=81=99=E3=82=8B=E3=81=93=E3=81=A8=E3=81=8C=E5=8F=AF= =E8=83=BD=E3=81=A7=E3=81=99=E3=80=82=E4=BB=A5=E4=B8=8B=E3=81=A7=E3=81=AF=E3= =80=81=E3=82=AF=E3=83=A9=E3=82=A4=E3=82=A2=E3=83=B3=E3=83=88=E8=A8=BC=E6=98= =8E=E6=9B=B8=E3=82=92=E5=88=A9=E7=94=A8=E3=81=97=E3=81=9F=E8=AA=8D=E8=A8=BC= =E3=81=AE=E8=A8=AD=E5=AE=9A=E6=96=B9=E6=B3=95=E3=82=92=E7=A4=BA=E3=81=97=E3= =81=BE=E3=81=99=E3=80=82
=E3=81=93=E3=81=AE=E4=BE=8B=E3=81=A7=E3=81=AF=E3=80=81
=E3=81=A8=E3=81=97=E3=81=A6=E8=A8=AD=E5=AE=9A=E3=82=92=E8=A1=8C=E3=81=84= =E3=80=81=E3=82=AF=E3=83=A9=E3=82=A4=E3=82=A2=E3=83=B3=E3=83=88=E8=A8=BC=E6= =98=8E=E6=9B=B8=E3=81=8C=E6=9C=89=E5=8A=B9=E3=81=AA=E8=A8=BC=E6=98=8E=E6=9B= =B8=E3=81=A7=E3=81=82=E3=82=8A=E3=80=81=E3=81=8B=E3=81=A4=E3=80=81=E4=B8=8A= =E8=A8=98=E3=81=AE=E6=9D=A1=E4=BB=B6=E3=82=92=E6=BA=80=E3=81=9F=E3=81=99=E5= =A0=B4=E5=90=88=E3=81=AB=E8=AA=8D=E8=A8=BC=E3=82=92=E8=A1=8C=E3=81=86=E8=A8= =AD=E5=AE=9A=E3=81=A8=E3=81=97=E3=81=A6=E3=81=84=E3=81=BE=E3=81=99=E3=80=82=
=E3=82=AF=E3=83=A9=E3=82=A4=E3=82=A2=E3=83=B3=E3=83=88=E8=A8=BC=E6=98=8E= =E6=9B=B8=E3=82=92=E7=94=A8=E3=81=84=E3=81=9F=E8=AA=8D=E8=A8=BC=E3=81=AE=E3= =81=9F=E3=82=81=E3=81=AB idp.properties =E3=83=95=E3=82=A1=E3=82=A4=E3=83= =AB=E3=82=92=E5=A4=89=E6=9B=B4=E3=81=97=E3=81=BE=E3=81=99=E3=80=82
(=E7=9C=81=E7=95=A5)
# Regular expression matching login flows to enable, e.g. IPAddres= s|Password
idp.authn.flows=3D X509
(=E7=9C=81=E7=95=A5)
(=E7=9C=81=E7=95=A5)
<VirtualHost _default_:443>
(=E7=9C= =81=E7=95=A5)
ProxyPass /idp ajp://localhost:8009/idp
<Location /idp/Authn/X509>
SSLCACertificateFile /opt/shibboleth-idp/crede= ntials/Camp-CA.crt
SSLVerifyClient require
SSLVerifyDep= th 3
SSLRequireSSL
SSLOptions +ExportCertData +StdEnvVa= rs
SSLUserName SSL_CLIENT_S_DN_CN
SSLRequire %{SSL_CLIE= NT_S_DN_O} eq "Test_University_A"
</Location>
(=E7=9C=81= =E7=95=A5) </VirtualHost>
LDAP =E3=81=8B=E3=82=89=E5=B1=9E=E6=80=A7=E3=82=92=E5=8F=96=E5=BE=97=E3= =81=99=E3=82=8B=E9=9A=9B=E3=81=AE=E3=82=AD=E3=83=BC=E3=81=A8=E3=81=AA=E3=82= =8B=E5=B1=9E=E6=80=A7=E3=81=AF=E3=83=87=E3=83=95=E3=82=A9=E3=83=AB=E3=83=88= =E3=81=A7=E3=81=AF uid =E3=81=A7=E3=81=99=E3=81=8C=E5=A4=89=E6=9B=B4=E3=81= =97=E3=81=9F=E3=81=84=E5=A0=B4=E5=90=88=E3=81=AF=E4=B8=8B=E8=A8=98=E3=81=AE= =E5=A0=B4=E6=89=80=E3=82=92=E5=A4=89=E6=9B=B4=E3=81=97=E3=81=BE=E3=81=99=E3= =80=82
(=E7=9C=81=E7=95=A5)
idp.attribute.resolver.LDAP.trustCertificates&= nbsp; =3D %{idp.authn.LDAP.trustCertificates:undefined}
idp.attrib= ute.resolver.LDAP.searchFilter = =3D (uid=3D$resolutionContext.p= rincipal) =E2=86=90=E5=BF=85=E8=A6=81= =E3=81=AB=E5=BF=9C=E3=81=98=E3=81=A6=E5=A4=89=E6=9B=B4
idp.attrib= ute.resolver.LDAP.returnAttributes =3D cn,homephone,mail (=E7=9C=81=E7=95=A5)
=E8=A4=87=E6=95=B0=E3=81=AE=E8=AA=8D=E8=A8=BC=E6=89=8B=E6=AE=B5=E3=82=92= =E4=BD=BF=E3=81=86=E3=81=AE=E3=81=A7=E3=81=AA=E3=81=91=E3=82=8C=E3=81=B0=E4= =BB=A5=E4=B8=8A=E3=81=A7=E5=AE=8C=E4=BA=86=E3=81=A7=E3=81=99=E3=80=82
=E8=A4=87=E6=95=B0=E3=81=AE=E8=AA=8D=E8=A8=BC=E6=89=8B=E6=AE=B5=E3=82=92=
=E4=BD=BF=E3=81=86=EF=BC=88=E5=86=92=E9=A0=AD=E3=81=AEidp.authn.flows=
=E3=81=AB Password|X509
=E3=81=AE=E3=82=88=E3=81=86=E3=
=81=AB=E8=A4=87=E6=95=B0=E8=A8=98=E8=BF=B0=E3=81=99=E3=82=8B=EF=BC=89=E5=A0=
=B4=E5=90=88=E3=81=A7=E3=80=81=E3=83=87=E3=83=95=E3=82=A9=E3=83=AB=E3=83=88=
=E3=81=AE=E8=AA=8D=E8=A8=BC=E6=89=8B=E6=AE=B5=EF=BC=88SP=E3=81=8B=E3=82=89=
=E3=81=AE=E8=AA=8D=E8=A8=BC=E8=A6=81=E6=B1=82=E6=99=82=E3=81=AB=E8=AA=8D=E8=
=A8=BC=E6=89=8B=E6=AE=B5=E3=81=AB=E3=81=A4=E3=81=84=E3=81=A6=E3=81=AE=E6=8C=
=87=E5=AE=9A=E3=81=8C=E3=81=AA=E3=81=84=E5=A0=B4=E5=90=88=E3=81=AB=E9=81=B7=
=E7=A7=BB=E3=81=99=E3=82=8B=E8=AA=8D=E8=A8=BC=E6=89=8B=E6=AE=B5=EF=BC=89=E3=
=82=92=E6=8C=87=E5=AE=9A=E3=81=97=E3=81=9F=E3=81=84=E5=A0=B4=E5=90=88=E3=81=
=AB=E3=81=AF=E3=80=81conf/authn/general-authn.xml=E3=81=AEbean=E3=81=AE=E9=
=A0=86=E5=BA=8F=E3=82=92=E5=A4=89=E6=9B=B4=E3=81=97=E3=81=A6=E3=81=8F=E3=81=
=A0=E3=81=95=E3=81=84=E3=80=82=E4=B8=8A=E3=81=AB=E3=81=82=E3=82=8B=E3=82=82=
=E3=81=AE=E3=81=8C=E5=84=AA=E5=85=88=E7=9A=84=E3=81=AB=E9=81=B8=E6=8A=9E=E3=
=81=95=E3=82=8C=E3=81=BE=E3=81=99=E3=80=82=E4=BE=8B=E3=81=88=E3=81=B03.4.0=
=E3=81=AE=E5=88=9D=E6=9C=9F=E8=A8=AD=E5=AE=9A=E3=81=A7=E3=81=AF authn=
/X509
=E3=81=AEbean=E3=81=8C authn/Password
=E3=81=AEbe=
an=E3=82=88=E3=82=8A=E4=B8=8A=E3=81=AB=E3=81=82=E3=82=8B=E3=81=9F=E3=82=81=
=E3=80=81=E8=A8=BC=E6=98=8E=E6=9B=B8=E8=AA=8D=E8=A8=BC=E3=81=8C=E5=84=AA=E5=
=85=88=E3=81=95=E3=82=8C=E3=81=BE=E3=81=99=E3=80=82
=E3=81=95=E3=82=89=E3=81=AB=E3=80=81=E7=89=B9=E5=AE=9A=E3=81=AESP=E3=81=
=AB=E5=AF=BE=E3=81=97=E3=81=A6=E8=A8=BC=E6=98=8E=E6=9B=B8=E8=AA=8D=E8=A8=BC=
=E4=BB=A5=E5=A4=96=E3=82=92=E5=88=A9=E7=94=A8=E3=81=95=E3=81=9B=E3=81=9F=E3=
=81=8F=E3=81=AA=E3=81=84=E5=A0=B4=E5=90=88=E3=81=AF=E3=80=81relying-p=
arty.xml
=E3=81=AE=E8=A8=AD=E5=AE=9A=E3=81=A7 p:authentica=
tionFlows=3D"#{{'X509'}}"
=E3=81=AE=E3=82=88=E3=81=86=E3=81=AB=E5=88=
=A9=E7=94=A8=E5=8F=AF=E8=83=BD=E3=81=AA=E8=AA=8D=E8=A8=BC=E6=89=8B=E6=AE=B5=
=E3=82=92=E6=8C=87=E5=AE=9A=E3=81=97=E3=81=A6=E3=81=8F=E3=81=A0=E3=81=95=E3=
=81=84=E3=80=82
Apache=E3=81=A7=E3=81=AF=E3=82=AF=E3=83=A9=E3=82=A4=E3=82=A2=E3=83=B3=E3=
=83=88=E8=A8=BC=E6=98=8E=E6=9B=B8=E3=81=8C=E8=AA=8D=E8=AD=98=E3=81=95=E3=82=
=8C=E3=81=A6=E3=81=84=E3=82=8B=E3=81=8C=E3=81=9D=E3=81=AE=E6=83=85=E5=A0=B1=
=E3=81=8CTomcat=E3=81=AB=E4=BC=9D=E3=82=8F=E3=81=A3=E3=81=A6=E3=81=84=E3=81=
=AA=E3=81=84=E5=A0=B4=E5=90=88=E3=80=81/usr/share/tomcat/conf/server.xml=E3=
=81=AE8009=E7=95=AA=E3=83=9D=E3=83=BC=E3=83=88Connector=E3=81=ABtomcatAuthe=
ntication=3D"false"=E3=81=8C=E8=A8=AD=E5=AE=9A=E3=81=95=E3=82=8C=E3=81=A6=
=E3=81=84=E3=82=8B=E3=81=93=E3=81=A8=E3=82=92=E7=A2=BA=E8=AA=8D=E3=81=97=E3=
=81=A6=E3=81=8F=E3=81=A0=E3=81=95=E3=81=84=E3=80=82
=E5=8F=82=E8=80=83: jdk 8=E3=80=81tomcat 7=E3=82=92=E3=82=A4=E3=83=B3=E3=82=B9=E3=83=88=E3=
=83=BC=E3=83=AB=E3=81=99=E3=82=8B
IdPv3=E3=81=AE=E8=A8=BC=E6=98=8E=E6=9B=B8=E8=AA=8D=E8=A8=BC=E3=81=AE=E8= =A9=B3=E7=B4=B0: Shib= boleth Wiki: X509AuthnConfiguration