[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[upki-fed:00527] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B

Subject: [upki-fed:00527] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
Date: Fri, 02 Nov 2012 16:02:27 +0900
From: Akazawa TS <xxxxxxxx@xxxxxxxxxxxxxx>

upki-fed ML $B$N3'MM!"Cf;3MM!"@VLZMM(B

$B!!$*@$OC$K$J$j$^$9!#(B
$B!!ET0e3X8&$N@VBt$G$9!#(B

$B!!?JE8$,$"$j$^$7$?!#Cf;3MM$H@VLZMM$N$4;XE&N>J}$rE,MQ$9$k$3$H$G(B
$B!!(B/opt/shibboleth-idp/logs/idp-process.log $B$+$i(B
$B!!(B[LDAP: error code 49 - Invalid Credentials] $B$,H/@8$7$J$$$h$&$K(B
$B!!$J$j$^$7$?!#@?$K$"$j$,$H$&$4$6$$$^$9!#(B

$B!!$?$@!"$^$@JL$NLdBj$,H/@8$7$F$$$k$?$a!"0J2<$K9g$o$;$F$4Js9p(B
$B!!$5$;$F$$$?$@$-$^$9!#(B

> $BF?L>(BBIND$B$,$G$-$J$$(BLDAP$B%5!<%P$N>l9g$O(B
> login.config$B$K(BbindDn$B$H(BbindCredential$B$N@_Dj$bI,MW$+$bCN$l$^$;$s!#(B

  $B$4;XE&$K4p$E$-!"(B/opt/shibboleth-idp/conf/login.config $BFb$r8+$F(B
$B!!$_$k$H!"(BbindDn$B$H(BbindCredential$B$O@_Dj$5$l$F$$$^$;$s$G$7$?!#(B
$B!!(Blogin.config $BFb$K(B
   See: https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAuthUserPass
$B!!$H=q$$$F$"$C$?$N$G!"F1%5%$%H$r8+$F$_$k$H!"(B
$B!!!V(BLDAP Login Module Specification$B!W$N8+=P$7$N$H$3$m$K$o$+$j(B
$B!!$d$9$$2r@b$b:\$C$F$$$^$7$?!#(B

$B!!$=$7$F0J2<$N$h$&$K!"(BbindDn$B$H(BbindCredential$B$NCM$r@_Dj$7$^$7$?!#(B
$B!!$^$?>e5-%5%$%H$K$O!"(BIdP$B$O(B Case-preserving $B$H$"$C$?$N$G!"(BbindDn
$B!!$H$7$F!"EvJ}$N(BLDAP$B%5!<%P$K5-:\$I$*$j$N(B case $B$G5-=R$7$^$7$?!#(B
$B!!!J(Bou=apps $B$H$;$:$K(B ou=Apps $B$H$7$^$7$?!K(B

-----------------/opt/shibboleth-idp/conf/login.config -----------
ShibUserPassAuth {
   edu.vt.middleware.ldap.jaas.LdapLoginModule required
      ldapUrl="ldap://localhost"
      baseDn="dc=igakuken,dc=or,dc=jp"
      ssl="false"
      userFilter="uid={0}"
      subtreeSearch="true"
      bindDn="cn=test,ou=Apps,dc=igakuken,dc=or,dc=jp"
      bindCredential="********"
      ;
};
------------------------------------------------------------------

>> ldapURL="ldap://localhost" baseDN="dc=igakuken,dc=or,dc=jp"
>> principal="cn=test,ou=apps"
> 
> principal $B$r(B  "cn=test,ou=apps,dc=igakuken,dc=or,dc=jp"
> $B$KJQ99$7$F;n$7$FD:$1$^$;$s$G$7$g$&$+!)(B

$B!!0J2<$N$h$&$KJQ99$7$F$_$^$7$?!#(Bou=apps $B$H$7$F$$$?2U=j$bG0$N$?$a(B
$B!!(Bou=Apps $B$H$7$^$7$?!#(B

----------/opt/shibboleth-idp/conf/attribute-resolver.xml-----------
    <!-- Example LDAP Connector -->
    <!-- -->
    <resolver:DataConnector id="myLDAP" xsi:type="LDAPDirectory"
xmlns="urn:mace:shibboleth:2.0:resolver:dc"
        ldapURL="ldap://localhost" baseDN="dc=igakuken,dc=or,dc=jp"
principal="cn=test,ou=Apps,dc=igakuken,dc=or,dc=jp"
        principalCredential="********">
        <FilterTemplate>
            <![CDATA[
                (uid=$requestContext.principalName)
            ]]>
        </FilterTemplate>
    </resolver:DataConnector>
   <!-- -->
------------------------------------------------------------------

$B!!$=$7$F0J2<$N$h$&$K(B tomcat6 $B$r:F5/F0$5$;$F$_$k$H!"(Bstart$B;~$N(B
$B!!(B[LDAP: error code 49 - Invalid Credentials]$B$OH/@8$7$J$/$J$j$^$7$?!#(B

#service tomcat6 stop
#service httpd restart
#service tomcat6 start

$B!!$7$+$7$J$,$i!"https://metadata.gakunin.nii.ac.jp
 /gakunin-test-metadata.xml
 org.apache.commons.httpclient.ConnectTimeoutException:
 The host did not accept the connection within timeout of 5000 ms

15:30:29.456 - ERROR
 [org.opensaml.xml.parse.StaticBasicParserPool:50]
 - XML Parsing Error org.xml.sax.SAXParseException:
 Premature end of file.

15:30:29.462 - ERROR
 [org.opensaml.saml2.metadata.provider
 .AbstractReloadingMetadataProvider:307]
 - Unable to unmarshall metadata
 org.opensaml.xml.io.UnmarshallingException:
 org.opensaml.xml.parse.XMLParserException: Invalid XML

15:30:29.472 - ERROR
 [org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:411]
 - Metadata provider failed to properly initializing, halting
 org.opensaml.saml2.metadata.provider.MetadataProviderException:
 org.opensaml.saml2.metadata.provider.MetadataProviderException:
 Unable to unmarshall metadata

15:30:29.474 - ERROR
 [edu.internet2.middleware.shibboleth.common.config.BaseService:188]
 - Configuration was not loaded for
 shibboleth.RelyingPartyConfigurationManager
 service, error creating components.
 The root cause of this error was: org.xml.sax.SAXParseException:
 Premature end of file.
-----------------------------------------------------------------------

$B!!(BIdP$B%5!<%P$N;~9o$O!"EvJ}$N(B NTP$B%5!<%P(B $B$HF14|$5$;$F$*$j!"EvJ}$N(B
$B!!(BNTP$B%5!<%P$O(B SINET4 $B$N(BNTP$B%5!<%P$HF14|$5$;$F$$$k$O$:$J$N$G$9$,!"(B
$B!!$3$N8e!"3NG'$7$F$_$^$9!#(B

--
$B8x1W:bCDK!?MEl5~ET0e3XAm9g8&5f=j(B $B>pJs%7%9%F%`<<(B
$B@VBtG/0l(B

Follow-Ups:
- [upki-fed:00528] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
  - From: $B@VLZK.M:(B

References:
- [upki-fed:00517] IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<%7%g(B$B%s!K(B
  - From: Akazawa TS
- [upki-fed:00518] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
  - From: yamaji
- [upki-fed:00520] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
  - From: Akazawa TS
- [upki-fed:00521] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
  - From: $B@VLZK.M:(B
- [upki-fed:00524] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
  - From: Akazawa TS
- [upki-fed:00525] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
  - From: $B@VLZK.M:(B

Prev by Date: [upki-fed:00526] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
Next by Date: [upki-fed:00528] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
Previous by thread: [upki-fed:00525] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
Next by thread: [upki-fed:00528] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B
Index(es):
- Date
- Thread

[upki-fed:00527] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B

[upki-fed:00527] Re: IdP$B$,5/F0$7$^$;$s!J%F%9%H%U%'%G%l!<(B$B%7%g%s!K(B