UPKIShibboleth

IdP SP

�

� UPKI� IdP SP� SP��

�

�

�

�

� spam�

� SymantecMailSecurity SpamAssassinInterscanMessageSecuritySuite TrendMicro

95% spam

�

� UPKI

UPKI� UPKI

UPKI

� IdP� IdP Identity Provider� ID LDAP� SP Service Provider

� IdP SP Shibboleth� SAML XML

UPKIIdP------------------------------------

LDAP

IdP

� IdP

CPU Core2DuoE8400 3GHz2GB

HDD 160GBOS CentOS5.2

Apache2.2.3 Tomcat6.0.18Shibboleth-idp-2.0.0

SP� SP 2

IdP VMware IdP256MB

OS CentOS5.2 Apache2.2.3 Tomcat6.0.18

shibboleth-2.1.1 php5.1.6UPKI

CPU Core2DuoE8400 3GHz2GB

OS OpenSUSE11.0HDD 160GB

Dspace1.4.2DSpace

ShibbolethCentOS rpm OpenSUSE src.rpm

UPKI

SP

� UPKI�

�

� DSpace�

� AkebonoPNG

IdP

UPKI

DiscoveryService

IdentityProvider

DSpace� 2000 MIT HP

��

�

� DSpace

�

� AkebonoPNG

Shibboleth� Apache

shibboleth2.xml � httpd.conf or .htaccess or shib.conf rpm

AuthType shibbolethShibRequireSession Onrequire valid-user

� SP IdPSP

� IdP SP

SP

�

� UPKIor

� SP

� IdP� NII SP

UPKI

� LDAP� ID uid�

�

ID

� ID�

� LAN Radius� VPN

Information Media Center 24

ID

25Information Media Center

ID

�

� ID� Web

ID

�

�LDAP

ID UPKI

� UPKI

� eduperson� eduPersonPrincipalName Principal Name� ID� ID uid

� ID ID

� eduPersonAffiliation Affiliation�

� employeeType

ID

importPackage( );uniqueValue = uid.getValues().get(0) + “xxxxx";localpart = DigestUtils.md5Hex(uniqueValue);principalName = new BasicAttribute("principalName");principalName.getValues().add(localpart + "@kanazawa-u.ac.jp");

]]>

…..

Attribute-resolver.xml ECMAScript

UPKI

�

�

�

� IdP SPUPKI

� IdP SP��

�

�

�

�

shibboleth

� UPKI SAML2.0