Purpose
The purpose of this document is to install and validate the local mAP environment.
Environment
The following environment is required for installing local mAP.
Table 2‑1 Required Software
Software Name | Version | Notes |
CentOS (64-bit) | 6.5 | Operating System |
Shibboleth-SP | 2.5.3 (*1) | Service Provider |
Shibboleth-IdP | 2.4.0 | Identity Provider |
Apache HTTP Server | 2.2.15 (*1) | Web Server |
Java | JDK 7 Update 45 or openjdk 1.6.0 | IdP Executable Environment |
Apache Tomcat | 6.0.24 (*1) | Servlet Container |
MySQL | 5.1.71 (*1) | Relational Database |
Postfix | 2.6.6 (*1) | Mail Transfer Agent |
PHP | 5.3.3 (*1) | Programming Language |
*1 Latest version of yum package as of 2014/2/28
Flow of Request
Installing Shibboleth SP
Please install Shibboleth SP while referring to the install guide.
Shibboleth SP Install Guide
https://meatwiki.nii.ac.jp/confluence/display/GakuNinShibInstallen/SP+Install
In addition to Shibboleth SP, Apache, mod_ssl and NTP will be installed at the same time. Please set up these components as well.
Installing Shibboleth IdP
Please install Shibboleth IdP while referring to the install guide.
Shibboleth IdP Install Guide
https://meatwiki.nii.ac.jp/confluence/display/GakuNinShibInstallen/IdP+Install+Manual
In addition to Shibboleth IdP, Java and Tomcat will be installed as well. Please set up these components as well.
Installing and Setting Up MySQL
Install MySQL by using the following command.
$ sudo yum install mysql-server
* If MySQL has already been installed as an initial component, you can skip this step.
Set up /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
symbolic-links=0
old_passwords=1
default-character-set = utf8
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
[mysql]
default-character-set = utf8
Execute
$ sudo /etc/init.d/mysqld start
$ sudo chkconfig mysqld on
Create Database
$ mysql -u root
mysql> CREATE DATABASE vo;
mysql> GRANT ALL PRIVILEGES ON vo.* TO 'vouser'@'localhost' IDENTIFIED BY 'YOUR OWN PASSWORD';
Installing and Setting Up PHP
Please install PHP by using the following commands.
$ sudo yum install php
$ sudo yum install php-devel php-gd php-mbstring php-pdo
$ sudo yum install php-mysql php-xml
$ sudo /etc/init.d/httpd restart
Setting Up Timezone
Add the timezone to /etc/php.ini. The value "Asia/Tokyo" should be changed to match your local time.
date.timezone = "Asia/Tokyo"
Installing and Setting Up Mail Server
Please install and set up a mail server by using Postfix or Sendmail. The following instructions are for Postfix.
Install
$ sudo yum install postfix
Setup Postfix
Please modify parameters depending on your local environment.
/etc/postfix/main.cf
Execute
$ sudo /etc/init.d/postfix start
$ sudo chkconfig postfix on
Installing Attribute Provider (SP)
The Shibboleth SP which was installed in section 4 will be configured as the Attribute Provider.
Download the required files from the following URL.
https://forge.gakunin.nii.ac.jp/svn/GakuNinmAP/local-map/sp-conf/
Please obtain an account from GakuNin Office if authentication is requested.
attribute-map.xml
Modify Setting
- attribute-policy.xml
Modify “Host Name of the SP” to this server host name.
- shibboleth2.xml
Modify “Host Name of the IdP” to your university IdP which authenticates users.
The certificate and key files in the “CredentialResolver” also have to be changed depending on the server certificate.
Initial Setting of the CredentialResolver
<CredentialResolver type="File" key="cert/server.key" certificate="cert/server.crt"/>
* The owner of these files has to be changed to shibd.
- embedded-wayf_config.js
Modify “Host Name of the Server” to the name of this server.
Values in wayf_additional_idps also have to be changed.
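The ownership requirement for the CredentialResolver key file can be checked with a small script. This is an added example, not part of the original guide or the Shibboleth distribution; the function name, the "no group/other access" rule and the parent-directory rule are assumptions chosen for this example, while the shibd owner comes from the note above.

```sh
#!/bin/sh
# Added example (not from the original guide): verify the owner and mode of
# the SP private key referenced by <CredentialResolver>.
# Assumptions: the owner must be shibd (stated in the guide); "no access for
# group/others" and "parent directory not group/world-writable" are extra
# hardening rules introduced by this example.

# check_key_file FILE OWNER -> 0 ok, 1 policy violation, 2 missing or symlink
check_key_file() {
    ckf_file=$1
    ckf_want=$2
    ckf_rc=0

    if [ -L "$ckf_file" ]; then
        echo "SYMLINK $ckf_file: check the link target instead"
        return 2
    fi
    if [ ! -f "$ckf_file" ]; then
        echo "MISSING $ckf_file"
        return 2
    fi

    # ls -ld prints "mode links owner group ..."; fields 1 and 3 are enough.
    read -r ckf_mode ckf_links ckf_owner ckf_rest <<EOF
$(ls -ld -- "$ckf_file")
EOF
    read -r ckf_dmode ckf_rest <<EOF
$(ls -ld -- "$(dirname -- "$ckf_file")")
EOF

    if [ "$ckf_owner" != "$ckf_want" ]; then
        echo "OWNER $ckf_file: $ckf_owner (expected $ckf_want)"
        ckf_rc=1
    fi
    case $ckf_mode in
        ????------*) ;;    # e.g. -rw------- or -r--------
        *) echo "MODE $ckf_file: $ckf_mode grants access beyond the owner"
           ckf_rc=1 ;;
    esac
    case $ckf_dmode in
        ?????w*|????????w*)
           echo "DIR $(dirname -- "$ckf_file"): $ckf_dmode lets others replace the key"
           ckf_rc=1 ;;
    esac
    return $ckf_rc
}

# Run as: sh check_key.sh OWNER FILE...
# OWNER is shibd for the SP key; FILE is the path that cert/server.key
# resolves to on your host.
if [ "$#" -ge 2 ]; then
    ckf_owner_arg=$1; shift
    ckf_status=0
    for ckf_f in "$@"; do
        check_key_file "$ckf_f" "$ckf_owner_arg" || ckf_status=1
    done
    exit "$ckf_status"
fi
```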
Copy Files
Back Up First
$ sudo cp /etc/shibboleth/attribute-map.xml /etc/shibboleth/attribute-map.xml.bk
$ sudo cp /etc/shibboleth/attribute-policy.xml /etc/shibboleth/attribute-policy.xml.bk
$ sudo cp /etc/shibboleth/shibboleth2.xml /etc/shibboleth/shibboleth2.xml.bk
Then Copy
$ sudo cp attribute-map.xml /etc/shibboleth/.
$ sudo cp attribute-policy.xml /etc/shibboleth/.
$ sudo cp shibboleth2.xml /etc/shibboleth/.
$ sudo mkdir /var/www/html/secure
$ sudo cp attr.php /var/www/html/secure/.
$ sudo mkdir /var/www/html/js
$ sudo cp embedded-wayf_config.js /var/www/html/js/.
Metadata Deployment
- Store the metadata of the SP of this server in the following location.
/etc/shibboleth/metadata/sp-metadata.xml
- Store the metadata of this IdP of this server in the following location.
/opt/shibboleth-idp/metadata/idp-metadata.xml
* shibd has to be restarted after “10. Installing Attribute Provider (IdP)” since the metadata of the IdP is not yet generated at this moment.
- Store the metadata of the IdP which utilizes university authentication.
/etc/shibboleth-idp/metadata/uni-idp-metadata.xml
- Federation Metadata
If required, federation metadata has to be included through the shibboleth2.xml configuration.
Restart
$ sudo /etc/init.d/shibd restart
$ sudo /etc/init.d/httpd restart
Installing Attribute Provider (IdP)
The Shibboleth IdP which was installed in section 5 will be configured as the Attribute Provider.
Download the required files from the following URLs.
https://forge.gakunin.nii.ac.jp/svn/GakuNinmAP/local-map/idp-conf/
Please obtain an account from GakuNin Office if authentication is requested.
attribute-filter.xml
attribute-resolver.xml
handler.xml
internal.xml
relying-party.xml
https://forge.gakunin.nii.ac.jp/svn/GakuNinmAP/local-map/idp-lib/
Please obtain an account from GakuNin Office if authentication is requested.
mysql-connector-java-5.1.10.jar
Modify Configuration
- attribute-resolver.xml
Modify “SALT” to appropriate random values.
Set the database password to the same one as in “6. Installing and Setting Up MySQL”.
Modify “Host name of the IdP” to this server host name.
- relying-party.xml
Modify “Host name of the IdP” to this server host name.
Define the metadata of the SPs which utilize the local mAP system.
Define the metadata of Global mAP (https://map.gakunin.nii.ac.jp/idp/shibboleth).
* In general, the metadata of the Global mAP is automatically integrated if the IdP ingests the federation metadata.
Overwrite the configuration files.
Back Up First
$ cd /opt/shibboleth-idp/conf
$ sudo cp attribute-filter.xml attribute-filter.xml.bk
$ sudo cp attribute-resolver.xml attribute-resolver.xml.bk
$ sudo cp handler.xml handler.xml.bk
$ sudo cp internal.xml internal.xml.bk
$ sudo cp relying-party.xml relying-party.xml.bk
Then Copy
$ cd
$ sudo cp attribute-filter.xml /opt/shibboleth-idp/conf/.
$ sudo cp attribute-resolver.xml /opt/shibboleth-idp/conf/.
$ sudo cp handler.xml /opt/shibboleth-idp/conf/.
$ sudo cp internal.xml /opt/shibboleth-idp/conf/.
$ sudo cp relying-party.xml /opt/shibboleth-idp/conf/.
Metadata Deployment
- The metadata of this SP has already been stored in the following location.
/etc/shibboleth/metadata/sp-metadata.xml
- Store the metadata of this IdP in the following location.
/opt/shibboleth-idp/metadata/idp-metadata.xml
- Include the metadata of this IdP in the shibboleth2.xml of the SP which is used for local mAP.
Deployment of the MySQL driver
$ sudo cp mysql-connector-java-5.1.10.jar \
    [TOMCAT install directory]/webapps/idp/WEB-INF/lib/.
$ sudo cp mysql-connector-java-5.1.10.jar /opt/shibboleth-idp/lib/.
Configuration for StoredID
Create the table for StoredID in the MySQL database.
https://meatwiki.nii.ac.jp/confluence/display/GakuNinShibInstall/StoredID
“4. Create table in the database (In case of MySQL)”
$ mysql -u root vo
mysql> put SQL commands here.
Back Channel
Configure the back channel by referring to the following instructions.
Create credential
# cd /opt/shibboleth-idp/credentials
# openssl pkcs12 -export -out pkcs12.p12 -in idp.crt -inkey idp.key -name HOST-NAME-OF-THIS-SERVER
Enter Export Password: YOUR-OWN-PASSWORD
Verifying - Enter Export Password: YOUR-OWN-PASSWORD
# keytool -importkeystore -srckeystore pkcs12.p12 -destkeystore keystore.jks \
    -srcstoretype pkcs12 -deststoretype jks -srcalias HOST-NAME-OF-THIS-SERVER \
    -destalias HOST-NAME-OF-THIS-SERVER -storepass YOUR-OWN-PASSWORD
Enter source keystore password: YOUR-OWN-PASSWORD
keystore.jks will be generated.
* These instructions assume that the IdP certificate and key are idp.crt and idp.key.
Back Channel Port
Enable port 8443 in server.xml, the Tomcat configuration file.
server.xml can be found in the following location if Tomcat was installed by using yum.
/usr/share/tomcat6/conf/server.xml
Add the following configuration.
<Connector port="8443"
    maxHttpHeaderSize="8192"
    maxSpareThreads="75"
    scheme="https"
    secure="true"
    clientAuth="want"
    SSLEnabled="true"
    sslProtocol="TLS"
    keystoreFile="/opt/shibboleth-idp/credentials/keystore.jks"
    keystorePass="YOUR-OWN-PASSWORD"
    truststoreFile="/opt/shibboleth-idp/credentials/keystore.jks"
    truststorePass="YOUR-OWN-PASSWORD"
    truststoreAlgorithm="DelegateToApplication"/>
Deployment
$ sudo /etc/init.d/tomcat6 stop
$ sudo /etc/init.d/tomcat6 start
Restart the SP as well in order to include the metadata of the newly configured IdP.
$ sudo /etc/init.d/shibd restart
$ sudo /etc/init.d/httpd restart
Installing the Application
Download the files from the following URL.
https://forge.gakunin.nii.ac.jp/svn/GakuNinmAP/local-map/ui/
Please obtain an account from GakuNin Office if authentication is requested.
map.zip
Deployment
$ unzip map.zip
$ sudo mv map /usr/local/.
Initial Setting
# Announce Information
$ cd /usr/local/map
$ mkdir -p app/webroot/tmp/
$ touch app/webroot/tmp/announce.txt
$ sudo chown -R apache.apache app/webroot/tmp
# Privilege
$ sudo chown -R apache.apache /usr/local/map/app/tmp
$ sudo chmod +x /usr/local/map/cake/console/cake
$ sudo chmod +x /usr/local/map/app/vendors/shells/*.php
$ sudo chmod -R 777 /usr/local/map/app/tmp/cache
# Group Icons
$ sudo mkdir -p app/tmp/uploads/group/original
$ sudo mkdir -p app/tmp/uploads/group/thumbnails
$ sudo mkdir -p app/tmp/uploads/group/temp
$ sudo chown -R apache.apache app/tmp/uploads/group
# Deletion of Log Files and Cache Files
$ sudo rm -rf app/tmp/cache/models/*
$ sudo rm -rf app/tmp/cache/persistent/*
$ sudo rm -rf app/tmp/cache/views/*
$ sudo rm -rf app/tmp/logs/*
# Copy of Configuration Files
$ cp app/config/database.template.php app/config/database.php
$ cp app/config/core.template.php app/config/core.php
# Deletion of Files for Development (if they exist)
$ rm app/config/local.php
Configuration of httpd.conf
Include the following configuration in /etc/httpd/conf/httpd.conf
<VirtualHost _default_:80>
    Redirect permanent / https://[HOST-NAME-OF-THIS-SERVER]/
</VirtualHost>
Alias /map "/usr/local/map"
<Directory "/usr/local/map">
    Order allow,deny
    Allow from all
    Options ExecCGI FollowSymLinks
    AllowOverride All
</Directory>
<Location "/map">
    AuthType shibboleth
    ShibRequireSession Off
    require shibboleth
</Location>
<Location /idp/Authn/RemoteUser>
    AuthType shibboleth
    ShibRequireSession On
    Require valid-user
    ShibRequestSetting requireSessionWith DSforRemoteUser
</Location>
Restart
$ sudo /etc/init.d/httpd stop
$ sudo /etc/init.d/httpd start
Database Configuration
$ mysql -u root vo < /usr/local/map/ddl/ddl.sql
$ mysql -u root vo < /usr/local/map/ddl/alter.sql
$ mysql -u root vo < /usr/local/map/ddl/index.sql
$ mysql -u root vo < /usr/local/map/ddl/init_system_admin.sql
$ mysql -u root vo
Open /usr/local/map/ddl/stored_procedure.sql and copy & paste the contents.
Application Configuration File
- /usr/local/map/app/config/database.php
In the 'database' => '', set the password defined at “6. Installing and Setting Up MySQL”
- /usr/local/map/app/config/mail.php
In the 'host' => '', set the SMTP server.
In the $from, $this->from, set the FROM address of the email which will be sent from this server.
In the $footer_jp_map, $footer_jp_test, $footer_eng_map and $footer_eng_test, change the text to the appropriate sentences as you want.
- /usr/local/map/app/config/system.php
In the "host" and the host of "loginlink" in $config["production"], $config["test"], set the host name of this server.
Registration of System Administrator
Create a new account by accessing the following URL.
https://HOST-NAME-OF-THIS-SERVER/map/
After selecting the IdP and logging in, create a new account.
Register the Administrator of the Database.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> select id,name,mail from accounts;
Find your ID with the above command, and then execute the following SQL with your ID.
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(YOUR-ACCOUNT-ID, 1, 1, NOW(), NOW());
Example)
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 1, 1, NOW(), NOW());
Registration of SP
With the following commands, information on the SPs which are members of the federation will be registered in the sp_hosts table of the database.
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app sp_host /var/cache/shibboleth/federation-metadata.xml
If you would like to register an SP which is not a member of the federation, it is easy to add the SP to /var/cache/shibboleth/federation-metadata.xml and then execute the above command.
Register the SP Administrator in the Database.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> insert into sp_administrators(eppn, host_name, entityid, created) values('YOUR-ePPN', 'HOST-NAME-OF-UTILIZED-SP', 'ENTITY-ID-OF-UTILIZED-SP', NOW());
Example 1) Registration for researchmap and kyouindb
mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
    values('xxxx@kyoto-u.ac.jp', 'researchmap.jp', 'https://researchmap.jp/shibboleth-sp', NOW());
mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
    values('xxxx@kyoto-u.ac.jp', 'kyouindb.iimc.kyoto-u.ac.jp', \
    'https://kyouindb.iimc.kyoto-u.ac.jp/shibboleth-sp', NOW());
Example 2) Registration for test-meatmail.nii.ac.jp and test-map-sp1.nii.ac.jp
mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
    values('xxxxxx@ebook-idp.nii.ac.jp', 'test-meatmail.nii.ac.jp', \
    'https://test-meatmail.nii.ac.jp/shibboleth-sp', NOW());
mysql> insert into sp_administrators(eppn, host_name, entityid, created) \
    values('xxxxxx@ebook-idp.nii.ac.jp', 'test-map-sp1.nii.ac.jp', \
    'https://test-map-sp1.nii.ac.jp/shibboleth-sp', NOW());
Create SP Connector
Create the SP Connector of the utilized SP by executing the following SQL.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
    inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,\
    created,modified) values('GROUP-KEY', 'SERVICE-NAME', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());
Example 1) Researchmap and kyouindb
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
    inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
    values('researchmap', 'Researchmap', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
    inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified \
    ) values('kyouindb', 'kyouindb', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());
Example 2) test-meatmail.nii.ac.jp and test-map-sp1.nii.ac.jp
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
    inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
    values('test-meatmail.nii.ac.jp', 'test-meatmail.nii.ac.jp', '', \
    0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
    inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
    values('test-map-sp1.nii.ac.jp', 'test-map-sp1.nii.ac.jp', '', \
    0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());
Create the SP Connector to Global mAP by executing the following SQL.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
    inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
    values('gakunin-map', 'GakuNin-mAP', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());
Example) Test mAP
mysql> insert into groups(group_key,name,introduction,active,public,openmember,\
    inspectjoin,inspectquit,down_permission,up_permission,group_response,sp,created,modified) \
    values('test-map', 'Test-mAP', '', 0, 1, 1, 1, 0, 2, 0, 2, 1, NOW(), NOW());
Register the administrator of SP Connector to the database.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
mysql> select id,name,mail from accounts;
mysql> select id,group_key,name from groups where sp=1;
Find your ID and the groups table ID with the search commands above and then put them in "YOUR-ACCOUNT-ID" and "GroupID" in the following SQL.
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(YOUR-ACCOUNT-ID, GroupID, 1, NOW(), NOW());
Example) In case of creating 3 SP Connectors
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 2, 1, NOW(), NOW());
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 3, 1, NOW(), NOW());
mysql> insert into mygroups(account_id, groupid, admin, created, modified) values(1, 4, 1, NOW(), NOW());
Connection between SP Connector and SP.
Connect SP Connector and SP by executing the following SQL.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
Look up the ID of the SP Connector to be used.
mysql> select id, name from groups where sp = 1;
Look up the ID of the SP to be used.
mysql> select id, name from sp_hosts;
Based on the search results, register the connecting information between the SP Connector and the SP.
mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_name) \
    values(SP-CONNECTOR-ID, SP-ID, 'SERVICE-URL', NOW(),NOW(), 'SERVICE-NAME');
・SP Connector ID: ID of groups table
・SP ID: ID of sp_hosts table
Example 1) Researchmap and kyouindb
mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_name) \
    values(2, 3, 'http://researchmap.jp/', NOW(),NOW(), 'Researchmap');
mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_name) \
    values(3, 15, 'http://kyouindb.iimc.kyoto-u.ac.jp/', NOW(),NOW(), 'kyouindb');
Example 2) test-meatmail.nii.ac.jp and test-map-sp1.nii.ac.jp
mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_name) \
    values(2, 80, 'https://test-meatmail.nii.ac.jp/', NOW(),NOW(), 'Test-MeatMail');
mysql> insert into group_sphosts(group_id,sp_id,lead_url,created,modified,service_name) \
    values(3, 175, 'https://test-map-sp1.nii.ac.jp/', NOW(),NOW(), 'Test-mAP-SP1');
Connect the SP Connector and Global mAP (SP) by executing the following commands.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
Look up the SP Connector ID of Global mAP.
mysql> select id, name from groups where sp = 1 and group_key='gakunin-map';
Look up the SP ID of Global mAP.
mysql> select id, name from sp_hosts where name='map.gakunin.nii.ac.jp';
Based on the search results, register the connecting information between the SP Connector and the SP.
mysql> insert into group_sphosts(group_id,sp_id,created,modified,service_name) \
    values(SP-CONNECTOR-ID, SP-ID, NOW(),NOW(), 'SERVICE-NAME');
Example 1) GakuNin mAP
mysql> insert into group_sphosts(group_id,sp_id,created,modified,service_name) \
    values(4, 14, NOW(),NOW(), 'GakuNin-mAP');
Example 2) Test mAP
mysql> insert into group_sphosts(group_id,sp_id,created,modified,service_name) \
    values(4, 48, NOW(),NOW(), 'Test-mAP');
Automatic Connection of SP Connector
This enables users to utilize an SP (e.g. Researchmap, kyouindb) by connecting the SP Connector automatically when the user creates a new group.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
Obtain the ID by searching for the SP Connector.
mysql> select id, name from groups where sp = 1;
Set the found ID in the following SQL and then execute it.
mysql> insert into sp_auto_connectors(groupid,created) values(FOUND-ID, NOW());
Example)
mysql> insert into sp_auto_connectors(groupid,created) values(2, NOW());
mysql> insert into sp_auto_connectors(groupid,created) values(3, NOW());
Enable its use via Global mAP as well
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
Look up the ID of the SP Connector of Global mAP.
mysql> select id, name from groups where sp = 1 and group_key='gakunin-map';
Set the found ID in the following SQL and then execute it.
mysql> insert into sp_auto_connectors(groupid,created) values(FOUND-ID, NOW());
Example)
mysql> insert into sp_auto_connectors(groupid,created) values(4, NOW());
Attribute Consent Setting for SP Connector
Set the consent information which will be utilized by the SP Connector.
$ mysql -u vouser vo -pYOUR-OWN-PASSWORD
Obtain the ID by searching for the SP Connector.
mysql> select id, name from groups where sp = 1;
Set the ID of the SP Connector in the following SQL and then execute it.
mysql> insert into provide_attributes(group_id,ismemberof,eptid,name,mail,idp,introduction,\
    language,organization,created,modified) values(FOUND-ID, 1, 1, 1, 1, 1, 1, 1, 1, NOW(),NOW());
Example)
mysql> select id, name from groups where sp = 1;
+----+-------------------------+
| id | name                    |
+----+-------------------------+
|  2 | xxxxxxx                 |
|  3 | yyyyyyy                 |
|  4 | zzzzzzz                 |
+----+-------------------------+
mysql> insert into provide_attributes(group_id,ismemberof,eptid,name,mail,idp,introduction,\
    language,organization,created,modified) values(2, 1, 1, 1, 1, 1, 1, 1, 1, NOW(),NOW());
mysql> insert into provide_attributes(group_id,ismemberof,eptid,name,mail,idp,introduction,\
    language,organization,created,modified) values(3, 1, 1, 1, 1, 1, 1, 1, 1, NOW(),NOW());
mysql> insert into provide_attributes(group_id,ismemberof,eptid,name,mail,idp,introduction,\
    language,organization,created,modified) values(4, 1, 1, 1, 1, 1, 1, 1, 1, NOW(),NOW());
Importing the Account Data from the Existing Database
If data exists in an existing database, it can be imported by means of a TSV file.
The format of the TSV is as follows.
Note that the display name has to be within 50 characters.
LOCAL-ID(SPS-ID)<<TAB>>ePPN<<TAB>>DISPLAY-NAME(NAME) ...
The import command is as follows.
$ export TERM=vt100
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app kyoto_u_ac_jp_import [TSV-FILE-NAME] [IdP-ENTITY-ID]
Example 1) Normal Execution
$ export TERM=vt100
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app kyoto_u_ac_jp_import \
    /var/local/map/tmp/kyoto-u.ac.jp.sample.tsv \
    https://authidp1.iimc.kyoto-u.ac.jp/idp/shibboleth
Example 2) Send Email after Execution
$ export TERM=vt100
$ cd /usr/local/map/cake/console
$ ./cake -app /usr/local/map/app kyoto_u_ac_jp_import \
    /var/local/map/tmp/kyoto-u.ac.jp.sample.tsv \
    https://authidp1.iimc.kyoto-u.ac.jp/idp/shibboleth | mail -s "Import Result" EMAIL-ADDRESS
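Before running the import, the TSV file can be checked against the format described above. This is an added example, not part of the original guide or the mAP code base; it assumes one record per line with no header row and ePPN values of the form user@scope, and the function names, the duplicate-ePPN and CRLF checks and the sample rows are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original guide): pre-flight check of an account
# import file with the layout LOCAL-ID <TAB> ePPN <TAB> DISPLAY-NAME.
# Assumptions: no header row, ePPN looks like user@scope; the duplicate-ePPN
# and CRLF checks are extra checks introduced by this example.

# validate_import_tsv FILE -> 0 if every row passes, 1 if any row fails
# (awk itself exits with 2 when FILE cannot be read).
validate_import_tsv() {
    awk -F '\t' '
        function fail(msg) { printf "line %d: %s\n", NR, msg; bad++ }
        /\r$/   { fail("CRLF line ending; convert the file to LF"); next }
        NF != 3 { fail("expected 3 tab-separated fields, found " NF); next }
        $1 == "" || $2 == "" || $3 == "" { fail("empty field"); next }
        $2 !~ /^[^@ ]+@[^@ ]+$/ { fail("ePPN is not user@scope: " $2) }
        # length() counts characters with gawk under a UTF-8 locale; awk
        # builds that count bytes reject long multi-byte names early instead.
        length($3) > 50 { fail("display name exceeds 50 characters") }
        seen[$2]++ { fail("duplicate ePPN: " $2) }
        END { exit (bad > 0 ? 1 : 0) }
    ' "$1"
}

# Constructed sample rows (not real accounts): two valid, three invalid.
write_sample_tsv() {
    printf 'sps001\talice@example.ac.jp\tAlice Example\n'
    printf 'sps002\tbob@example.ac.jp\tBob Example\n'
    printf 'sps003\tbob@example.ac.jp\tBob Again\n'    # duplicate ePPN
    printf 'sps004\tcarol\tCarol Example\n'            # ePPN without scope
    printf 'sps005\tdave@example.ac.jp\n'              # display name missing
}

# Run as: sh check_tsv.sh FILE   (exit status 0 means the file is clean)
if [ "$#" -ge 1 ]; then
    validate_import_tsv "$1"
    exit $?
fi
```

Running the check first and the cake import only when it exits with 0 keeps malformed rows out of the accounts data.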
Metadata
If you need to connect with Global mAP, the metadata of this IdP has to be incorporated into Global mAP.
Please send the following IdP metadata to the Global mAP administrator.
/opt/shibboleth-idp/metadata/idp-metadata.xml
Validation
Authentication
Confirm that the authentication page is shown after accessing the following URL.
https://HOST-NAME-OF-THIS-SERVER/secure/attr.php
SP
After integrating the metadata of this SP into the related SPs and/or Global mAP, you can run the connection test.