...

Download files from the following URL.

...

Please contact GakuNin Office if authentication is required.
map.zip

 

Deployment
Code block
$ unzip map.zip
$ sudo mv map /usr/local/.

...

Code block
# Announce Information
$ cd /usr/local/map
$ mkdir -p app/webroot/tmp/
$ touch app/webroot/tmp/announce.txt
$ sudo chown -R apache.apache app/webroot/tmp

# Adjust permissions
$ sudo chown -R apache.apache /usr/local/map/app/tmp
$ sudo chmod +x /usr/local/map/cake/console/cake
$ sudo chmod +x /usr/local/map/app/vendors/shells/*.php
# Note: 777 makes app/tmp/cache writable by every local user
$ sudo chmod -R 777 /usr/local/map/app/tmp/cache

# Group Icons
$ sudo mkdir -p app/tmp/uploads/group/original
$ sudo mkdir -p app/tmp/uploads/group/thumbnails
$ sudo mkdir -p app/tmp/uploads/group/temp
$ sudo chown -R apache.apache app/tmp/uploads/group

# Deletion of Log Files and Cache Files
$ sudo rm -rf app/tmp/cache/models/*
$ sudo rm -rf app/tmp/cache/persistent/*
$ sudo rm -rf app/tmp/cache/views/*
$ sudo rm -rf app/tmp/logs/*

# Copy of Configuration Files
$ cp app/config/database.template.php app/config/database.php
$ cp app/config/core.template.php app/config/core.php


# Put random data on 'Security.salt' and 'Security.cipherSeed' in core.php.
$ vi app/config/core.php

# Deletion of Files for Development (if exist)
$ rm app/config/local.php
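
One way to fill in 'Security.salt' and 'Security.cipherSeed' with values from the kernel random source instead of typing them by hand, as an added example that is not part of the original procedure. It assumes core.php keeps the stock CakePHP 1.x lines of the form Configure::write('Security.salt', '...'); the function names and the sample fragment are constructed for illustration.

```shell
#!/bin/sh
# Added example; assumes core.php holds the stock CakePHP 1.x lines
#   Configure::write('Security.salt', '...');
#   Configure::write('Security.cipherSeed', '...');

# Constructed sample standing in for app/config/core.php.
sample_core_php() {
  cat <<'EOF'
Configure::write('debug', 0);
Configure::write('Security.salt', 'CONSTRUCTED-PLACEHOLDER-SALT');
Configure::write('Security.cipherSeed', '0000');
EOF
}

# Print $2 random characters from the set $1, taken from the kernel CSPRNG.
rand_chars() {
  # 8192 random bytes contain far more than $2 characters of either set
  head -c 8192 /dev/urandom | LC_ALL=C tr -dc "$1" | cut -c1-"$2"
}

gen_salt()        { rand_chars 'A-Za-z0-9' 40; }  # alphanumeric salt
gen_cipher_seed() { rand_chars '0-9' 29; }        # cipherSeed: digits only

# Replace the quoted value of one Configure::write() key.
# usage: set_core_secret FILE KEY VALUE
set_core_secret() {
  file=$1 key=$2 value=$3
  grep -q "Configure::write('$key'" "$file" || return 1  # key must exist
  tmp=$(mktemp) || return 1
  sed "s|\(Configure::write('$key', *'\)[^']*'|\1$value'|" "$file" > "$tmp" &&
    cat "$tmp" > "$file"   # overwrite in place: owner and mode are kept
  rc=$?
  rm -f "$tmp"
  return "$rc"
}

# usage: rotate_secrets /usr/local/map/app/config/core.php
rotate_secrets() {
  set_core_secret "$1" 'Security.salt' "$(gen_salt)" &&
    set_core_secret "$1" 'Security.cipherSeed' "$(gen_cipher_seed)"
}
```

Run rotate_secrets once, before the first account is created, since changing the salt later invalidates anything already hashed or encrypted with the old values.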
Configuration of httpd.conf

...

Code block
<VirtualHost _default_:80>
  Redirect permanent / https://[HOST-NAME-OF-THIS-SERVER]/
</VirtualHost>

Alias /map "/usr/local/map"
<Directory "/usr/local/map">
  Order allow,deny
  Allow from all
  Options ExecCGI FollowSymLinks
  AllowOverride All
</Directory>

<Location "/map">
  AuthType shibboleth
  ShibRequestSetting requireSession 0
  require shibboleth
</Location>

<Location /idp/Authn/RemoteUser>
  AuthType shibboleth
  ShibRequireSession On
  Require valid-user
  ShibRequestSetting requireSessionWith DSforRemoteUser
</Location>
Restart
Code block
$ sudo /etc/init.d/httpd stop
$ sudo /etc/init.d/httpd start

...

  • /usr/local/map/app/config/database.php
    In the 'database' => '',  set the password defined at “6. Installing and Setting Up MySQL”
  • /usr/local/map/app/config/mail.php
    In the 'host' => '', set the SMTP server.
    In the $from, $this->from, set the FROM address of the email which will be sent from this server.
    In the $footer_jp_map, $footer_jp_test, $footer_eng_map and $footer_eng_test, modify the text as appropriate.
  • /usr/local/map/app/config/system.php
    In the "host" and the host of "loginlink" in $config["production"], $config["test"], set the host name of this server.
  • Registration of System Administrator
    Create a new account by accessing the following URL.
    https://HOST-NAME-OF-THIS-SERVER/map/
    After selecting the IdP and logging in, create a new account.

    Register the Administrator of the Database.

    Code block
    $ mysql -u vouser vo -pYOUR-OWN-PASSWORD
    
    mysql> select id,name,mail from accounts;
    Find your ID with the above command, then execute the following SQL with your ID.
    mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(YOUR-ACCOUNT-ID, 1, 1, NOW(), NOW());
    
    Example)
    mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 1, 1, NOW(), NOW());

...

Register SP Administrator in the Database.

Code block
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD

mysql> insert into sp_administrators(eppn, host_name, entityid, created) 
values('YOUR-ePPN', 'HOST-NAME-OF-UTILIZED-SP', 
'ENTITY-ID-OF-UTILIZED-SP', NOW());


Example1)Registration for researchmap and kyouindb
mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
values('xxxx@kyoto-u.ac.jp', 'researchmap.jp', 'https://researchmap.jp/shibboleth-sp', NOW());

mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
values('xxxx@kyoto-u.ac.jp', 'kyouindb.iimc.kyoto-u.ac.jp', \
'https://kyouindb.iimc.kyoto-u.ac.jp/shibboleth-sp', NOW());



Example2) Registration for test-meatmail.nii.ac.jp and test-map-sp1.nii.ac.jp
mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
values('xxxxxx@ebook-idp.nii.ac.jp', 'test-meatmail.nii.ac.jp', \
'https://test-meatmail.nii.ac.jp/shibboleth-sp', NOW());

mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
values('xxxxxx@ebook-idp.nii.ac.jp', 'test-map-sp1.nii.ac.jp', \
'https://test-map-sp1.nii.ac.jp/shibboleth-sp', NOW());

...

Code block
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,\
created,modified) values('GROUP-KEY', 'SERVICE-NAME', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());

Example1)Researchmap and kyouindb
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
values('researchmap', 'Researchmap', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());

mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified \
) values('kyouindb', 'kyouindb', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());


Example2)test-meatmail.nii.ac.jp and test-map-sp1.nii.ac.jp
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
values('test-meatmail.nii.ac.jp', 'test-meatmail.nii.ac.jp', '', \
0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());

mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
values('test-map-sp1.nii.ac.jp', 'test-map-sp1.nii.ac.jp', '', \
0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());

 

Create SP Connector to Global mAP by executing the following SQL.

Code block
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
values('gakunin-map', 'GakuNin-mAP', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());

Example) Test mAP
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
values('test-map', 'Test-mAP', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());

Register the administrator of SP Connector to the database.

Code block
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> select id,name,mail from accounts;
mysql> select id,group_key,name from groups where sp=1;

Find your ID and the Group table ID with the search commands above, then put them in "YOUR-ACCOUNT-ID" and "GroupID" in the following SQL.
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(YOUR-ACCOUNT-ID, GroupID, 1, NOW(), NOW());

Example) In case of creating 3 SP Connectors
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 2, 1, NOW(), NOW());
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 3, 1, NOW(), NOW());
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 4, 1, NOW(), NOW());
Connection between SP Connector and SP.

Connect SP Connector and SP by executing the following SQL.

Code block
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD

Search for the ID of the SP Connector to use.
mysql> select id, name from groups where sp = 1;

Search for the ID of the SP to use.
mysql> select id, name from sp_hosts;

Based on the search result, register connecting information between SP Connector and SP.
insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_name) \
values(SP-CONNECTOR-ID, SP-ID, 'SERVICE-URL', NOW(),NOW(), 'SERVICE-NAME');

・SP Connector ID:ID of groups table
・SP ID:ID of sp_hosts table


Example1)Researchmap and kyouindb
mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_name) \
values(2, 3, 'http://researchmap.jp/', NOW(),NOW(), 'Researchmap');

mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_name) \
values(3, 15, 'http://kyouindb.iimc.kyoto-u.ac.jp/', NOW(),NOW(), 'kyouindb');

Example2)test-meatmail.nii.ac.jp and test-map-sp1.nii.ac.jp
mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_name) \
values(2, 80, 'https://test-meatmail.nii.ac.jp/', NOW(),NOW(), 'Test-MeatMail');
mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_name) \
values(3, 175, 'https://test-map-sp1.nii.ac.jp/', NOW(),NOW(), 'Test-mAP-SP1');

 

Connect SP Connector and Global mAP(SP) by executing the following commands.

Code block
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD

Search SP Connector ID of Global mAP
mysql> select id, name from groups where sp = 1 and group_key='gakunin-map';

Search SP ID of Global mAP
mysql> select id, name from sp_hosts where name='map.gakunin.nii.ac.jp';

Based on the search result, register the connecting information between SP Connector and SP.
mysql> insert into group_sphosts(group_id,sp_id,created,modified,service_name) \
values(SP-CONNECTOR-ID, SP-ID, NOW(),NOW(), 'SERVICE-NAME');

Example 1)GakuNin mAP
mysql> insert into group_sphosts(group_id,sp_id,created,modified,service_name) \
values(4, 14, NOW(),NOW(), 'GakuNin-mAP');

Example2)Test mAP
mysql> insert into group_sphosts(group_id,sp_id,created,modified,service_name) \
values(4, 48, NOW(),NOW(), 'Test-mAP');
Automatic Connection of SP Connector

This enables users to utilize SP (ex. Researchmap, kyouindb) by connecting SP connector automatically when the user creates a new group.

Code block
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD

Obtain ID by searching SP Connector
mysql> select id, name from groups where sp = 1;

Set the found ID in the following SQL and then execute.
mysql> insert into sp_auto_connectors(groupid,created) values(FOUND-ID, NOW());

Example)
mysql> insert into sp_auto_connectors(groupid,created) values(2, NOW());
mysql> insert into sp_auto_connectors(groupid,created) values(3, NOW());

 

Enable it to be utilized via Global mAP as well.

Code block
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD

Search ID of SP Connector of Global mAP.
mysql> select id, name from groups where sp = 1 and group_key='gakunin-map';

Set the found ID in the following SQL and then execute.
mysql> insert into sp_auto_connectors(groupid,created) values(FOUND-ID, NOW());

Example)
mysql> insert into sp_auto_connectors(groupid,created) values(4, NOW());

 

Attribute Consent Setting for SP Connector

...

Code block
$ export TERM=vt100
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app kyoto_u_ac_jp_import [TSV-FILE-NAME] [IdP-ENTITY-ID]

Example 1)Normal Execution
$ export TERM=vt100
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app kyoto_u_ac_jp_import \
/var/local/map/tmp/kyoto-u.ac.jp.sample.tsv \
https://authidp1.iimc.kyoto-u.ac.jp/idp/shibboleth

Example 2)Send Email after Execution
$ export TERM=vt100
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app kyoto_u_ac_jp_import \
/var/local/map/tmp/kyoto-u.ac.jp.sample.tsv \
https://authidp1.iimc.kyoto-u.ac.jp/idp/shibboleth | mail -s "Import Result" EMAIL-ADDRESS

Metadata

If you need to connect with Global mAP, this IdP's metadata must be incorporated into Global mAP.

Please send the following IdP metadata to the Global mAP administrator.

/opt/shibboleth-idp/metadata/idp-metadata.xml

 

Validation

Authentication

Confirm the authentication page after accessing the following URL.
https://HOST-NAME-OF-THIS-SERVER/secure/attr.php

...

After integrating the metadata of this IdP into the related SPs and/or Global mAP and enabling the SimpleAggregation AttributeResolver, you can run the connection test.

...