Sun Java System Identity Server 2004Q2 �������� |
Sun Java System Identity Server ��������
���� 2004Q2
��X 817-7136
����������]�A�i�H�b Sun Java System Identity Server 2004Q2 �o��ɨ�o�����n��T�C���B�N���зs�\��M�W�j�\��B�w�������D�M����H�Ψ�L��T�C�b�z�}�l�ϥ� Identity Server 2004Q2 ���e�A�Х�\Ū�����C
����������̷s�����i�H�b Sun Java System ���������G
�w�˻P�]�w�n�餧�e���s���A����Щw���˵�̷s����������P���~������C
����������]�t�H�U���!G
�����|�ѦҨ�O�t�Ӫ� URL�A�ô��Ѩ�L�����T�C
��������q�O��
�� 1 �q�O��
���
�ܧ�
2004 �~ 6 �� 23 ��
���䴩 Linux �o�檺�ĤG����������C�b�u�w�����D�v�M�椤�ٷs�W�F�y�z�C
2004 �~ 5 �� 18 ��
�����o�榹��������C
��� Identity Server 2004Q2Sun Java System Identity Server �O�@�Ө���z�ѨM��סA�M���ŦX��~�ֳt�X�i���ݭn�ҳ]�p�CIdentity Server �i�H��z���z����u�B�X�@�٦�P��3�Ө�o�i�J�u�W�ؿ��C���i���Ѥ@�ؤ�k�A��z�i�H�إߦ���b�z�����q�����ǤH�i�H�s����Ǹ�T�������P�v���C���z�Ҧ�����ơB�A�ȡB�H�ΤH��s��e�Ө��AIdentity Server �L�ìO���n������A�]�O�z�Ҧ������P�~���~����Y������C
�o�Ӫ������s�W�\��Identity Server 2004Q2 ���]�A�H�U�s�\�� (�p�ݳo�ǥ\���ԲӪ�����A�аѾ\�uSun Java System Identity Server Technical Overview�v)�G
�w��P�n��ݨD������ Identity Server �ݭn�H�U�w��P�n��C
���������ץ�����~�U�?��F�b Identity Server 2004Q2 ���ץ�����~�G
�w�˪`�N�ƶ�
�� Identity Server �����|�N Identity Server �M�˳n�骺�w�˱q�z�����Ĩ�t�m�B�J���6}�C�b���������A�z�����ϥ� Java Enterprise System �w�˵{���H�w�� Identity Server ���Ĥ@�ӹ�ҡC
�t�m�{����
�b�w�˲Ĥ@�� Identity Server ��Ҥ���A�z�i�H�ϥ� configuration scripts �b Sun Java System Application Server �H�� Sun Java System Web Server �W�إߨ�L����ҡC
IS �w��/�t�m�{���ɰ��U�C�ʧ@�G
�p�ݸԲӻ���A�аѾ\�uIdentity Server �z��n�v�C�Ъ`�N�A�ثe�w���A�䴩 amserver ��O�C
�w�����D�M�������`�]�t Identity Server 2004Q2 �o��ɤ��n���w�����D�M��C���`�]�t�H�U�D�D�G
�w��
�ڦr�$����r���i��|�y���w�˥��� (#4750396)
�b�w�˴v��A��t�έn�D�z��w Identity Server �ڦr�.ɡA�Ф��n�b���ѧO�W�� (RDN) ���ϥγr���C
�{��
�ä[�� Cookie �Ҧ��ݩʤ��@�P (#5038544)
�b�ä[�� Cookie �Ҧ����A�O�����]�m�� UserId �ݩʤ��@�P�C�ѩ�o�ӭ�]�A�� UserID �ݩʦөw�������N�z�{���i��|���ѡC
�ѨM��k
�b�D DN �Ȥ��ϥ� UserToken�A�Ӧb DN �Ȥ��ϥ� Principal�C
�z��L�k�q��t��´�s�W���� (#5042217)
�p�G�z�Q�ΨϥΪ̰ʺA�]�w�ɫإߨ���ӳ]�w�l��´���{�ҪA�ȡA�M��ҥΰʺA�]�w�ɫإߥH�n�J�A�ȡA�h��z�˵�ϥΪ��ݩʮɡA�N�S������|�Q��w�A��]�O�{�ҪA�ȥu���\�ݩ�l��´������C
�L�k�b�s�W�N�z�{���ݩʫ�n�J Identity Server (#4966788)
�p�G�z�N�N�z�{���ݩʷs�W�� server.xml�A�M�᭫�s�Ұ� Identity Server�A�z�N�L�k�n�J Identity Server �D���x�C�o�ӱ��p�Ȧb�N�z��A���L�k���� Identity Server �ɵo�͡C
�ѨM��k
�b server.xml ���A�]�w http.nonProxyHosts ���㦳����D��W�١A�M�᭫�s�Ұʦ�A���C�Ҧp�G
<JVMOPTIONS>-Dhttp.nonProxyHosts=Identity_Server_FQDN</JVMOPTIONS>
���F�į�ت��A�Y�ϥN�z��A�������� Identity Server�A���M3�]�w���ѨM�覡���ҩw�q���ݩʡC
���s��J [���q�@�~�O��] �����N�ϥΦ��Ī��ϥΪ̦W�ٻP�K�X�{�ҨϥΪ� (#4697120)
�b�n�J�����W�A�p�G�ϥΪ̵��ݭ����O�ɡA�M���J���Ī��ϥΪ̦W�٩M�K�X�A�h�|�ݨ춥�q�@�~�O�ɭ����C�p�G�ϥΪ̭��s��J�ӭ����A�h�L�ݭ��s��J�ϥΪ̦W�٩M�K�X�A�Y�i�{�Ҧ� Identity Server�C
�������h�x SafeWord ��A����w���P�ؿ� (#4756295)
�t�m�h�ӨϥΦU�� SafeWord ��A������´�ɡA�����b�� SafeWord �{�ҪA�Ƚd������w�U�۪� .../serverVerification �ؿ�C�p�G�O�d�w�]�ȡA�åB�Ҧ���A�����ϥΦP�@�ؿ�A�h�Ĥ@�ӨϥΨ� SafeWord ��A���{�Ҫ���´�N�O�ߤ@���Ī���´�C
��O��u��
�H SSL �Ҧ���� amadmin �ɡAJVM �i��|���_ (#5009031)
�H�w���Ҧ�����A���ɡA�s��ϥ� amadmin �i��|���_ JVM�C
�p�G�z�J�즹��3�A���p�� Sun Java System �n��䴩�A�ȡC
am2bak �M bak2am �{���ɦb Linux ���S���@�� (#5053866)
am2bak �M bak2am �_��{���ɦb Linux �W��檺 Identity Server �W�L�k�B�@�C
�ѨM��k
- �ץ��U�C��O����|�G
ECHO=/usr/bin/echo
3�Ӭ� ECHO=/bin/echo
uid=`/usr/xpg4/bin/id -un`
3�Ӭ� uid=`/usr/bin/id -un`
/usr/bin/tar
3�Ӭ� /bin/tar
usr/bin/rm
3�Ӭ� /bin/rm
/usr/bin/grep
3�Ӭ� /bin/grep
/usr/bin/ps
3�Ӭ� /bin/ps
/usr/bin/ls
3�Ӭ�/bin/lsv
- �ק� check_for_invalid_chars() ��ơC�Ҧp�G
check_for_invalid_chars() {
echo "$1" | grep '[^/_.a-zA-Z0-9a-]' > /dev/null
if [ $? = 0 ]; then
return 1
else
return 0
fi
}
�b Linux �t�Τ��Aamserver stop �ä��|���� amunixd �{�� (#5050332)
�b Linux �t�Τ��A/etc/init.d/amserver stop ��O�ä��|���� amunixd �{�һ���{���{�ǡC
�ѨM��k
����Шϥ� ps ��O�[�W f �ﶵ�H�M�w amunixd �{�� ID�Gps -efl | grep /opt/sun/identity/share/bin/amunixd
�M��b���{�� ID ���ϥ� kill ��O�H���� amunixd �{�ǡC
��� am2bak �ɷ|�X�{�w���ѰT�� (#5043752)
�b�ϥ� am2bak ���ƥ�{�ǮɡA�z�i��|����@�ӿ�~�T���A��ܳƥ�{�Ǥw���ѡA�M�Өƹ�W�ƥ�{�Ǩå����ѡC
amadmin �Ǧ^�����T����~�T�� (#5008960)
amadmin �� import �ﶵ��Ҧ������~�����T�a�ߥX�ۦP����~�T���C
�ȥD���x�W�� amverifyarchive �w�� [���洫] ���� (#4993375)
�p�G�z��� Identity Server �ȥD���x�w�ˡA���{���ɤ��� amverifyarchive ���ε{���N���|���U�C�洫�X�����ҡG
�t�m
amconfig �{���ɵL�k���w���a�ƪ� Identity Server �t�m [�H��t�m] �ﶵ (#5062437)
�p�G�z�ϥ� Java Enterprise System �w�˵{���w�ˤF���a�ƪ� Identity Server 2004Q2 �����A�ӥB��� [�H��t�m] �ﶵ�Aamconfig �{�����H��N�L�k�t�m Identity Server�C
�ѨM��k
�b�z��� amconfig �{���ɤ��e�A�нs�� Web �e���{���� (��z�ϥΦ�� Web �e����� Identity Server)�G
- ��� Web �e���{���ɡG
- �b Web �e���{���ɤ��A�s�W /WEB-INF �ؿ�ܤU�C�� if �y�z�� $DEPLOY_SRC �ܼƤ��G
if [ ! -d $DEPLOY_SRC/WEB-INF ]; then
mkdir -p $DEPLOY_SRC
cd $DEPLOY_SRC
jar xf $PKGDIR/$warfile- ��� amconfig �{���ɥH�t�m Identity Server�C �p�ݦ��� amconfig �{���ɪ���T�A�аѾ\�uIdentity Server 2004Q2 �z��n�v�G
�ФŨϥΨ㦳�L�T���ɮﶵ�� amconfig (#5003430�B5003386�B5000964)
�ФŨϥ� amconfig �����ʼҦ��C�Ҧp�Jamconfig -s�C���G�L�k�w��C
�ѨM��k
�b�L�T���Ҧ����Ұ� amconfig�C�Ҧp�Jamconfig -s path-to-silent-file�L��ݦW�٬O����A�l�� userRoot �إ߯d� (#5002886)
index.ldif �|�g�� userRoot �H�K�إ��ݩʯdޡC�i�H�b�����W�٫�ݸ�Ʈw�� rootsuffix ���w�� Identity Server�C�i�H�ϥ� nsslapd-suffix=SUFFIX_NAME �@���L�o���A�z�L ldapsearch (�t��¦ cn=config) �Ө�o��ݦW�١C
�p�X
�p�G�ݩʭȬ��šA�N�|�ߥX PP Modify �����` (#5047103)
��z�ϥΪťժ��ݩʭȰ�� PP Modify �ɡAIdentity Server �|�ߥX���`�C�Ҧp�A�p�G�z�إ߳]�w�H��� sis-ep �d���M��ǰe EP Modify ���ë�@�U��s�Ӥ���J�ݩʪ����ȡA�N�|�����T�a�ߥX���`���p�C
�����ͮĻݭn��A�����s�Ұ� (#5045036)
�p�X������I��������z���s�Ұʦ�A������~�|�ͮġC����� Application Server �M Web Server �Ҭ����ġC�u���b��s���w�ˤ���A�H�η�즸��I�����ɡA�~�������s�Ұʦ�A���C
Identity Server �D���x
�N�㦳�ڵ��s���v��������إ߬���´�z��ɲ��Ϳ�~ (#5037978)
�p�G�z�O�H��´�z����n�J�ëإߤ@�Ө���A�M�ᬰ���s���v�� (�Ҧp�إ� [��´�z��] �� [����ୱ�z��] ����)�A�z�N�|�����~�T���C
��´�z���v���w�]�w���Ϻz��L�k�ק��´�������ȡC�b�إߨ㦳�v��������ɡA�N�xխק��´���ؤ��� ACI�C
�ѨM��k
- �b�w�˫�A�Ц� XML �ɮשҦb���ؿ�C�̹w�]�A���̬O�G
/etc/opt/SUNWam/config/xml (Solaris)
/etc/opt/sun/identity/config/xml (Linux)
- �ƥ� amAdminConsole.xml �ɮסC�Ҧp�G
cp amAdminConsole.xml amAdminConsole.bak
- �s�� amAdminConsole.xml�C
- �j�M�Ҧ��H�uS1IS Organization Admin Role access allow read�v�}�l����A�M��R���� ACI�C�Ҧp�A�R���Ҧ��X�{���Ω��´�z��⪺ ACI�G
aci:(target="ldap:///ORGANIZATION")(targetfilter=(!(|(nsroledn=cn=Top-level Admin Role,dc=iplanet,dc=com)(nsroledn=cn=Top-level Help Desk Admin Role,dc=iplanet,dc=com))))(targetattr != "nsroledn")(version 3.0; acl "S1IS Organization Admin Role access allow read"; allow (read,search) roledn = "ldap:///ROLENAME";)
- �j�M�Ҧ��H�uS1IS Organization Admin Role access allow all�v�}�l����A�M��s��� ACI �H������ ACI �}�Y�� '*,'�G
aci:(target="ldap:///*,
�s��Ҧ��X�{���Ω��´�z��⪺ ACI�C�Ҧp�G
�ק惡 ACI�G
aci:(target="ldap:///*,ORGANIZATION")(targetfilter=(!(|( nsroledn=cn=Top-level Admin Role,dc=iplanet,dc=com)(nsroledn=cn=Top-level Help D esk Admin Role,dc=iplanet,dc=com))))(targetattr != "nsroledn")(version 3.0; acl "S1IS Organization Admin Role access allow all"; allow (all) roledn = "ldap:///ROLENAME ";)
���G
aci:(target="ldap:///ORGANIZATION")(targetfilter=(!(|( nsroledn=cn=Top-level Admin Role,dc=iplanet,dc=com)(nsroledn=cn=Top-level Help Desk Admin Role,dc=iplanet,dc=com))))(targetattr !="nsroledn")(version 3.0; acl "S1IS Organization Admin Role access allow all"; allow (all) roledn = "ldap:///ROLENAME";)
- �x�s���ɮסC
- �ϥ� amadmin ��O��u��R�� iPlanetAMAdminConsoleService�G
/opt/SUNWam/bin/amadmin -u "uid=amAdmin,ou=People,dc=iplanet,dc=com" -w "iplanet1" -r "iPlanetAMAdminConsoleService"
- �p�G�ɮפw���\�a�R���A�N�|��ܤU�C�T���G
Deleting Service Schema iPlanetAMAdminConsoleService
Success 0: Successfully completed.
- �ϥ� amadmin ��O��u�㭫�s�H�s�ק諸 amAdminConsole.xml �פJ�ۦP���A�ȡG
/opt/SUNWam/bin/amadmin -u "uid=amAdmin,ou=People,dc=iplanet,dc=com" -w "iplanet1" -s /etc/opt/SUNWam/config/xml/amAdminConsole.xml
- �p�G�ɮפw���\�a��J�A�N�|��ܤU�C�T���G
Loading Service Schema XML /etc/opt/SUNWam/config/xml/amAdminConsole.xml
Success 0: Successfully completed.
- ���s�Ұ� Identity Server�C
���sĶ�D���x�d�� (#5026635)
�Y�� Identity Server �D���x�d�ҥ��sĶ�A��]�O�������w�ܧ��ɮת���m�C
�ѨM��k
�N rules.mk �ɮפ��{���� jato.jar ��|�ܧU�C��|�G
�ϥΪ̵L�k�P SAML �A�ȦP�ɫإ� (#5038600)
�u���̳��h���z��~���b�� SAML �A�Ȫ��P�ɫإߨϥΪ�
�ѨM��k
��´�z��ݭn�b�S�� SAML �A�Ȫ����p�U�إߨϥΪ̡C�@���ϥΪ̫إߤ���A�z��i�H�z�L [�ϥΪ̳]�w��] �����s�W�A�ȡC
�� [�W�@�B] ��s�ɡA�ƭȨå��O�d (#4992972)
�C�?�h�������B�z (�Ҧp�إ߸s�ջP����ηs�W���ܵ���)�A�M���� [�W�@�B] ��s�ɡA�e�@�ӭ��������ƭȱN�L�k�^�_�C
�����z��L�k�ק�ۤv���]�w�� (#5042100)
�����z��L�k�z�L Identity Server �D���x�ק�L/�o�ۤv���]�w�ɡC
�ѨM��k
�N [�����˵�] ����ܿﶵ�]�w�� [�ϥΪ�]�A�ӱN�ϥΪ̪� [�i�ΰʧ@] �]�w�� [�����s���v]�C
��ϥΪ̺z���ήɡA�p�G�j�M�ϥΪ̡A�D���x�N�|�o�Ϳ�~ (#5049218)
�p�G�ϥΪ̺z�w���Φӱz���j�M�ϥΪ̪��ʧ@�A�z�i��|�����A����~���T���C
�ѨM��k
�N PMAdminRoldSelect.jsp �H�s�� JSP �Ө�N�C���i�H�b�U�C����m�����G
����y�z�j�M�z�ᄍ�L�k���`�B�@ (#4959895)
�b [�p�X�Ҳ�] �� [����y�z��] �˵�A�p�G�z�ϥ� [�j�M] ���ӴM�����y�z���A�h�j�M���G���ɷ|���ǽT�C
�u**�v�j�M�B�n�S���@�� (#4961370)
�p�G�z�b Identity Server �D���x���ϥ��u**�v�ӨS���ϥ��B�~�r���@���j�M�z�ᄍ�B�n�A�h�j�M�N�|���ѡC�j�M��챵��]�t�B�~�r�����u**�v�A�Ҧp **a �� a**�C
�p�X�z�Ҳդ��U���Ѫ̪���s���D (#4915894)
�b�p�X�z�Ҳդ��A�p�G�z�ק���x�s�U���Ѫ̤� [����Ѫ�] ��Ϥ�������ݩʡA�ܧ�N�Q�x�s�A��|�۰ʧ�s��ܤ��e�C
�ѨM��k
�z�L���P�Ҳ� (�Ҧp�A�A�Ȱt�m) �����p�X�z�ҲաA�M��A��^�p�X�z�ҲաC�o�˷|��s��ܤ��e�C
�D���x�����s�ϥΪ��ݩ��ܧ� (#4931455)
Identity Server �D���x [����] �ج[�����s�H��� [���] �ج[���ϥΪ��ݩʭȪ��ܧ�C��ʧ�s�����H�˵��ܧȡC
Internet Explorer ���o�ͳs������D (#4864133)
�ѩ�M Internet Explorer ���ۮe�����D�A�b��� http �ɤ�3�Өϥ� 80 �@�� Identity Server �s���X�A�άO�b��� https �ɤ�3�Өϥ� 443�C
�O��A��
�ҥ� Java Security �ɵo�ͰO����D (#4926520)
�ҥ� Java Security �ɡAjdk_logging.jar �i��L�ġC
�ѨM��k
�ҥ� Java Security �ɡA�p�G�z�֦� JDK 1.4 ���e�������A�Цb Java �w���ɮפ��ǤJ�H�U�\�i�v�G
permission java.lang.RuntimePermission shutdownHooks
����
�b�Ѧҵ����W�h���Ұ����ק�å��ϬM�b�l��´�� (#5016725)
�b�R���ڲ�´���Ѧҵ�������A�l��´�����@�뵦���W�h�å��R�� (�ӥB�L�k�R��)�C
�b��F nslookthrough ����ɨå��Ǧ^�ŦX������ (#5013538)
�Y�Ϥw��F nslookthrough ���ҩw�q���z����A�ŦX�����ؤ��M���Ǧ^ Identity Server �D���x�C
�ѨM��k
�ծ� nslookthroughlimit �ѼƥH���v���ؼơC
�O�W�O�������j��� (#4985823)
�p�G�z�ϥΨϥΪ̧O�W�ǥ� LDAP �Φ����H�~�����v�Ҳյn�J Identity Server�A�M��xզs���O�@���귽�A�h�s��N�|�Q�ڵ��C
�����d�Ұ��D (#4923898)
����d�Ҥ��� Readme.html ���]�A�ɭP�d�ҵL�k��檺��T�C�����d�ҡALD_LIBRARY_PATH �ݭn�]�A NSPR�BNSS �H�� JSS �@�ε{���w����|�C
�N����ܼ� LD_LIBRARY_PATH �]�w�� /usr/lib/mps/secv1 (Solaris �A��) �� /opt/sun/pirvate/lib (Linux)�C�p�G�����T�]�w�����A�h�N�o�Ϳ�~�C
���q�@�~�A��
����M�����m���q�@�~ (#4959071)
�ثe���ॿ�T�M�����m���q�@�~�C�лP�䴩�H���p���A�H��o�ѨM�����D���ɵ{���C�p�ݸԲӸ�ơA�аѾ\�p���i���D�M���Ѧ^�X�C
SDK
�b�ϥ� SSL ��A���� Identity Server SDK �w�ˤ��ϥ� certutil ����� (#5027614)
�ϥΪ̹xձq�Ȧw�� SDK ����P�ҥ� SSL �� Identity Server 2004Q2 ��A���i��q�T�ɡA�|�o�ͦw���ʬ����~�M���`�C �b����פ��A�O�b�L Web �e���άO�b�ĤT�誺 Web �e�� (�Ҧp BEA WebLogic Server �� IBM WebSphere Application Server) �����p Identity Server SDK�C
�ѨM��k
�b�Ȧw�� SDK ����W�إ��ҮѸ�Ʈw�A�ñN Identity Server ��A������ CA �{�Ҧw�˦ܦ���Ʈw�G
- �H�W�ŨϥΪ� (root) ������n�J�Ȧw�� SDK ����C
- �T�{�w�w�˥��n�� Netscape Security Services (NSS) �M�˳n��G
- �p�G���w�ˮM�˳n��A�в{�b�w�ˡC�Ҧp�G
�b Solaris �t���G
cd JavaEnterpriseSystem_base/Solaris_arch/Product/shared_components/Packages
pkgadd -d . SUNWtlsu�b Linux �t���G
cd JavaEnterpriseSystem_base/Linux_x86/Product/shared_components/Packages
rpm -Uvh sun-nss-3.3.10-1.i386.rpm- �����ҮѸ�Ʈw�إ߰O���K�X���K�X�ɮסC�Ҧp�G
�b Solaris �t���G
echo "cert-database-password" > /etc/opt/SUNWam/config/.wtpass
chmod 700 /etc/opt/SUNWam/config/.wtpass�b Linux �t���G
echo "cert-database-password" > /etc/opt/sun/identity/config/.wtpass
chmod 700 /etc/opt/sun/identity/config/.wtpass�䤤 cert-database-password ���O���K�X�C
- �ˬd LD_LIBRARY_PATH �ܼơG
�b Solaris �t�Τ��A���ˬd LD_LIBRARY_PATH �H�F�� /usr/lib�B/usr/lib/mps/secv1 �M /usr/lib/mps �ؿ�O�_�s�b�C �p�G���s�b�A�зs�W���ʤ֪��ؿ�C
�b Linux �t�Τ��A�ˬd LD_LIBRARY_PATH �H�F�� /opt/sun/private/lib �ؿ�O�_�w�g�s�b�A �p�G���s�b�A�зs�W�ؿ�C
- �ϥ��ҮѸ�Ʈw�u�� (certutil) �H�إ{�һP�K�_��Ʈw�C �p�ݦ��� certutil ����T�A�аѦҤU�C����G
http://mozilla.org/projects/security/pki/nss/tools/certutil.html
�Ҧp�G
certutil-home/certutil -N -d cert-database-dir -f config-home/.wtpass
�䤤�G
certutil-home �O certutil ����m�G
- �b�s�إߪ��ҮѸ�Ʈw���A�s�W�w�g�w�˦b Identity Server ��A������ SSL �{�Ҫ��� CA �ҮѡC�Ҧp�G
certutil-home/certutil -A -n "certificate-nickname" -t "TCu,TCu,TCuw" -d cert-database-dir -a -i path-to-file-containing-cert -f config-home/.wtpass
- �ϥνs�边���˵� AMConfig.properties �ɮרýT�{�U�C��
- �p�G�w�g�� AMConfig.properties �i���ܧ�A�ӥB Identity Server SDK �w���p�� Web �e���A�Э��s�Ұ� Web �e���C
�ϥ� DNSAlias �P JCE ���Ѫ̶i�� SSL �T���洫���� (#5038876)
��ϥ� subjectaltname ���㦳���� DNSAlias �W�٪��ҮѮɡASSL �P JCE ���Ѫ̶i��T���洫���ѡC
BasicEntitySearch �z�ᄍ�w�g���� uid (#5041529)
�p�G�z�b�w�� Identity Server �ɬO�N�ϥΪ̩R�W�ݩʳ]�w�� cn�A�M��n�J Identity Server �D���x�ëإߥN�z����A�h�N�z����N���|�b�s��椤��ܡC�o�O�ѩ����j�M�d���w�g���� uid�C
�ѨM��k
�q Directory Server �z�D���x�N�z�ᄍ�q uid �ܧ� cn�A�M�᭫�s�Ұʦ�A���C
�z�ᄍ Init() ���� Identity ��k�y�� Weblogic �G�� (#5016283)
�p�G�z�諸 init() ��k�]�t Identity Server ����{���X�A�h Weblogic ��A���N���|�ҰʡCIdentity Server API �O�H ServletFilter servlet �� init ��k�өI�s���C
Identity Server �ϥ� JSS �@���w�����Ѫ̡A��O Weblogic �̹w�]�|�ϥ� JCE�C�b�Ұ� init ��k�ɡAWeblogic �|�xըϥ� JCE ���Ҩ���v�A��O JSS ���b�i���l�ơC
�ѨM��k
�N AMConfig.properties �ɮפ��w�]���w���ʥ[�K�q JSSEncryption �ܧ� JCEEncryption�C
�H�u{SSHA}�v�Ÿ��}�Y�����K�X�L�k�ϥ� (#4966191)
Identity Server ���䴩�b�K�X���ϥ��H�� {SSHA} �Ÿ��C
AMConfig.properties ���� smtp Server Port �ݩʤ����T (#5048378)
AMConfig.properties ���� smtp server port �ݩʤ����T�C�w�ǰe�l��M�� com.iplanet.am.smtpport ���覡�����T�C
�R�W�ݩ�3���p�g (#4931163)
�ѩ� SDK ��������A�R�W�ݩʥ������p�g�C�Ҧp�A�p�G�z�b Directory Server �W�w�� Identity Server ��ҡA�æb�ϥΪ̩R�W�ݩʩw�q�� CN �����p�U��J Identity Server �Ҧ��A�h�إߨϥΪ̱N���ѡC
�ѨM��k
�b Directory Server �D���x���ܧ�R�W�ݩʡC�Ҧp�A�N�إ߽d���� basicuser �ϥΪ̩R�W�ݩʱq CN �ܧ� cn�C
�s�իإ߿ﶵ�ȥ[�J�@�� memberURL �ݩ� (#4931958)
�p�G�z�z�L�h�� LDAP �L�o���ﶵ (-f) �إ߸s�աA�h�Ӹs�դ��|�Q���T�إߡA�B�ȥ]�t�@�� memberURL �ݩʡC
�A�ȵ�U���D (#4853809)
�p�G�z�إߪA�Ƚd���æb��t��´����U���̡A�M��xլ��l��´��U���̡A�h�b��t��´����U���Y�ǪA�Ȥ��|�Q��U�A�� amConsole.access �o��ܳo�ǪA�Ȥw�Q��U�C
�ѨM��k
��s Identity Server �D���x�í��s��U�o�ǪA�ȡC
�u�A�������v���⪺�ϥΪ̵n�J�ɪA�Ȯ� (#4931907)
�p�G�u�A�������v���⤤���ϥΪ̦b�z��Ұʵ�ϳ]�w�� orgDN �����p�U�n�J Identity Server�A�M��xը���U�A�ȡA�h�Ҧ��C�X���A�ȳ��|��C
�ѨM��k
���s�Ұʦ�A���A�h�Ҧ��A�ȷ|���s��ܡC
�榸�n�J
�ϥΤ��P�����p URI �L�k��� SSO (#4770271)
�p�G��Ӥ��P Identity Server ��Ҫ����p URI ���P�A�h�榸�n�J�N�L�k���T�o���@�ΡC
��ڤ� (i18n)
��U�Ҧ��A�Ȯɤ����U�Ҧ��i�Ϊ��A�� (#4853809)
�p�G�z�z�L Identity Server �D���x��U�Ҧ��A�ȡA�h�Y�ǪA�Ȥ���C�b [�i�ΪA��] ���C
�ѨM��k
�Фū�U [�s�W] ��s�W�L�@���H�W�C
�]�t�����Ҧ����A�ȦV�ϥΪ���ܬ��u�i�s�W�v(#4996479)
�b�s�W�A�ȦܨϥΪ̮ɡAwsrp �ϥΪ̪A�ȱN��ܬ��i�ΡC��O�p�G�w�g�Q��ܡA���N���|�Q�s�W�A�]���N�|���ѡC�A�̡A�p�G�h���A�ȩM�ϥΪ̪A�Ȥ@�P�ˬd�A�h�Ҧ��s�W���A�ȳ��|���ѡC
�ѨM��k
���n�q����z�Ҳշs�W WSRP �A�ȡC
����s��� Authlevel �n�J���� (#5013994)
��z�즸�̻{�үŧO�n�J Identity Server �ɡA�p�G�z���s��y���]�w�� ja�A�h���N�L�k�b�U�C������s��B�@�G
�ѨM��k
��X�{�uAuthentication Module has Denied�v(�{�ҼҲճQ�ڵ�) ��~�ɡA�Ы�@�U�uGo Back To Login Page�v(��^�n�J��) �s���C�z�]�i�H��J�U�C URL�G
���u�W������ܤ����T (#5024138)
�p�G�z��檺�O��媩�� Identity Server �ӱN�y���ܧ� en_US�A�h���M�N�|��ܤ�媺����e�C
�ѨM��k
�إ߲Ÿ��s���A�q docs_en �� docs_en_US�C
�ϥΪ� ID ���ͼҦ��|�q�W�r/�m�ͨϥΪ� ID (#5028750)
Identity Server �ä��䴩�h�줸�ըϥΪ� ID�C�̹w�]�A�ϥΪ� ID ���ͼҦ��|�q�W�r�M�m�ͨϥΪ� ID�C
�Τ�ݰ���\��L�k���`�B�@ (#5028779)
�b�Τ�ݰ���A�Ȥ��A���� UTF-8 �L�k���`�B�@�C
�ѨM��k
�p�G�z���� UTF-8 �r�����A�Цb�i���ܧ�᭫�s�Ұ� Web �e���C
G11NSetting �ä��B�z Q �Y�Ƥ����Ů� (#5008860)
��Τ�ݸ�Ʀb q �Y�Ƥ��Υ|�P���Ů�AG11NSettings �X�N�L�k���T��R�A�ӥB�|�Ǧ^��~�G
ERROR:G11NSettings::Fetchcharset() Unable toparse charset entry invalid Q q
�ϥΦh�줸�ը���ѼƵn�J ja �r������ URL �ɡA�n�J�������� (#4905708)
�p�G�z�إߦh�줸�ը���A�M��xեH��U�h�줸�ը��⪺�ϥΪ̵n�J URL�A�h�n�J���N�|���ͬG�ٿ�~�C
�ѨM��k
���ϻ{�Үج[�ѽX URL ����w���h�줸�ը���ȡA�ݭn�H�Ѽƫ�w gx_charset�C�Ҧp�Ghttp://hostname:port/amserver/UI/Login?role=manager?role=%E3%81%82%&gx_charset=utf-8
��x�ɦb Ja �y����Ҥ����ýX (#4882286)
�U�C��x�ɥ]�t���r���A�b�}�Үɷ|��ܬ��ýX�G
IdentityServer_base/SUNWam/debug �ؿ�Ҧ��ɮסA��O deploy.log �M undeploy.log ���~�C
URL �����y����ҰѼ���ܲV��n�J���� (#4915137)
�p�G�z�ϥΪ��O���D�^�媺�s��A�åB Identity Server ��һP Web Server �@�P�w�ˡA�h�n�J http://<host>:<port>/amserver/UI/Login?locale=en �ɡA�n�J������ܪ��r���J���^��S���D�^��C
�ѨM��k
�ܧ�H�U�Ÿ����s���G
IdentityServer_base/SUNWam/web-apps/services/config/auth/default
��
IdentityServer_base/SUNWam/web-apps/services/config/auth/default_en
HTTP Basic ����~�T�������a��(#4921418)
�p�G�ϥ� HTTP Basic �{�ҼҲյn�J�A�h��@�U [���] ��s�A�ù�W�|��ܫD���a�ƿ�~�T���C���� Application Server ���w�����D�F���ȷ|�b Identity Server �P Application Server �@�P���p�ɵo�͡C
Application Server �� ja �ɡA[�n�J] �����V��y����� (#4932089)
���s��y���]�w�� en �� Application Server ���y����ҳ]�w�� ja �ɡAIdentity Server �n�J��N�L�k�̹w�]�^�_���^��C
�ѨM��k
���y����ҳ]�w�� en �� Application Server�C
��w�q���ǰe���iŪ���q�l�l�� (#4938511)
�p�G�z�Ұ�檺 Identity Server �� Web �e�����ߦn�y����ҳ]�w�� C �H�~�����y����ҡA�åB�ϥΪ̳Q��w���A�����~�A�h�t�αN�ǰe��w�q���q�l�l��A��q�l�l�iŪ�C
�ѨM��k
�b [�ǰe��w�q�����q�l�l���}] �ݩʤ��]�w email|local|charset (�Ӥ��u�O email �Ѽ�)�C�Ҧp�G
�w�ץ����y����Ҥ����Ĭ�ѨM�h�� (#4922030)
�p�G�ϥΪ̥H�S�w�y����� (�Ҧp�Azh) �n�J Identity Server �D���x�A��U [�{�Ұt�m] �A�ȡA�إߪA�Ƚd���A�M��n�X�A�H���P���y����ҭ��s�n�J�A[�Ĭ�ѨM�h��] ���رN�|�H��l�y����Ү榡���覡�����T�a�C�X�C
am2bak �M bak2am �����T���Ȭ��^�� (#4930610)
am2bak �M bak2am �_�줽�ε{���������T���b���������Ȧ��^�媩�C
�h�줸�զW�٦b�ۦ��U���L�� (#4732470)
�p�G�z�b�ۧڵ�U (�����{�ҪA��) �Ҳդ��H���ƪ��ϥΪ� ID �M�h�줸�թm��M�W�r�إߨϥΪ̡A�N�|�o�Ϳ�~�C���䴩�h�줸�ըϥΪ� ID�C
�ѨM��k
�p�G�ϥΪ̦b�h�줸����Ҥ��ϥΦۧڵ�U�n�J�A�h�z���T�w�S�����֤{�Ҥ��� [�ϥΪ̲��;��Ҧ�] �ݩʡC
��
�ϥΪ̥i�H�b [�ۧڵ�U] �n�J������� [�إߦۤv��] �ﶵ�C
��媩 Identity Server �L�k�P Netscape 6.22 �M 6.23 �t�X�ϥ� (#4902421)
�b��媩 Identity Server 6.1 ���A�z�L�k�ϥ� Netscape 6.22 �� 6.23 �n�J�D���x�C
�ɶ����榡���� (#4888416)
�b�����w�q���ɶ���A���y����Ҭ���A�H�U�ɶ���ܮ榡�����ܡG
Hour:Minute AM/PM
backup_restore.po �� msgid-msgstr �諸�T�������a�� (#4916683)
�p�G���컡�� backup_restore.po �{���ɤ���| msgid-mgstr ��B Directory Server �Үѥ��ƥ�T���A���|�ƥ� Directory Server �ҮѡC���T�����Q���a�ơC
[�Τ�ݰ���] �e�������a�� (#4922013)
�b���������A[�Τ�ݰ���] ������ [�ثe�˦��S��] �e�����%����a�ơC
��s�� genericHTML �Τ�ݯS�ʥ��Q�M�� (#4922348)
�p�G�z�q�Τ�ݰ���A�Ȥ� genericHTML �Τ�ݯS�ʤ����r�����M�椺���� UTF-8�A���x�s�ܧ�A�ҥΥΤ�ݰ���A�M��n�X�A�n�J�A�n�J�������� UTF-8 �r�����C
�ѨM��k
�ϥ� amserver ��ʭ��s�Ұʦ�A���C
��x�ɼ��Y�����a�� (#4923536)
�Ҧ���x�ɪ��Y��楼���a�ơA�S�O�O Version �M Fields �Ϭq �Ψ����M��C
amSSO.access ����������ȥ����a�� (#4923549)
�b amSSO.access ��x�ɤ��AData ���U���Ҧ��ȳ������a�ơC
Exception.jsp �㦳�T�Ƶ{���X�T�� (#4772313)
Exception.jsp �����a�ơA�B�]�t�T�Ƶ{���X���D�B��~�T���H�Ϊ��v��T�C�u���b�S�O���ݪ����p�U�A�~�|�Ұʦ����`��~ jsp ���C�o�DZ��p�]�A Directory Server ��A�άO��L�k�a�X Identity Server �A�ȡA�H�ΨS���� jsp ���i�Ϊ����a�ơC
Cookie
Cookieless �Ҧ����B�@ (#4967866)
�p�G�s��s�� Identity Service ���� cookie �䴩�A�ӥB�p�G�s��䴩 cookie�A�h�s��|�~��ǰe���ª� Identity Server cookie�C�o�˷|�y���s�� Identity Server �귽�Q�ڵ��C
�ѨM��k
��ܤU�C�䤤�@�ӸѨM��k�GCookie �ܨ�
��3�ε{���ϥεL�k�H����q�@�~ cookie �ɡA�i��|�M�Φw���ʡC
�b�z�� Identity Server ���p���ҥγ榸�n�J (SSO) �θ���榸�n�J�ɡA�|�b�ϥΪ̪��s��]�w http(s) ���q�@�~ cookie�C�i�H��h��3�ε{�����ҳo�� cookie�C��z��h�� DNS ��쳡�p Identity Server �ɡALiberty ��w�|�N http(s) ���q�@�~ cookie �q���Ҫ� DNS ��첾��� Web 3�ε{�����ؼк��C
��M�ϥΪ̷|�۰ʵn�J Web �귽�A��3�ε{���ϥεL�k�H����q�@�~ cookie �ɡA���M���w�����w���z�I�s�b�C�?��Ѫ̱N����ϥΪ̪����ҡB���v�M�]�w�ɸ�T���ѵ��Ѩ�O�t�өΥ�~�����g���v���s�թҶ}�o��3�ε{�� (�ΪA�ȴ��Ѫ�) �ɡA�z�I�N���i��|�X�{�C�i��w���ʰ��D�O�G
- �Ҧ�3�ε{���|�@�άۦP�� http ���q�@�~ cookie�C�o�˦��i��|�ϱo rouge 3�ε{���ܨ�q�@�~ cookie �æb�t�@��3�ε{�������_�ϥΪ̡C
- �p�G3�ε{���S���ϥ� https ��w�A���q�@�~ cookie �e��D������ť�C
- �u�n���@��3�ε{�����Q�ܨ�A��Ӱ�¦�[�c���w���ʴN�����M�`�����I�C
- Rouge 3�ε{���i�H�ϥζ��q�@�~ cookie �Ө�o�ϥΪ̪��]�w���ݩʨæ��i��i��ק�C�p�G�ϥΪ֦̾��z�v���A3�ε{���N���y����j���a�`�C
�ѨM��k
�̷ӥH�U�B�J�G
- �ϥ� Identity Server �z�D���x���C�ӥN�z�{���إ߶��ءC
- �b�]�t�n�إߪ��N�z�{������´���A��� [�˵�] �\��?�� [�N�z�{��]�A�M���@�U [�s�W]�C
- ���ѥH�U��T�J
[�W��]�C��J�N�z�{�����W�٩Ψ���C�Ҧp�Jagent123
[�K�X]�C��J�N�z�{���K�X�C�Ҧp�Jagent123
[�T�{�K�X]�C�T�{�K�X�C
[�y�z]�C��J�N�z�{����²�n�y�z�C�Ҧp�A�z�i�H��J�N�z�{����ҦW�٩Υ��ҫO�@��3�ε{�����W�١C
[�N�z�{�����]�C�ϥ���/�ȹ�]�w�N�z�{�����e�C�����e�� Identity Server �Ψӱ�������ϥΪ̾��Ұ��]���N�z�{���ШD�C
��J agentRootURL ���ݩʭȡA���ȵ���㦳�s�����N�z�{�� URL�C�Ъ`�N�AagentRootURL �ȰϤ$j�p�g�C
�Ҧp�JagentRootURL=http://server_name:99/
[�˸m���A]�C��J�N�z�{�����˸m���A�C�p�G�]�w�� [�@�Τ�]�A�N�z�{���N���V Identity Server �i��{�ҨûP���q�T�C�p�G�]�w�� [�D�@�Τ�]�A�N�z�{���N����V Identity Server �i��{�ҡC
- ��@�U [�T�w]�C
- �ϥΦb�B�J 2b ����J���K�X���U�C��O�C
/opt/SUNWam/agents/bin/crypt_util agent123
�p���N���ѤU�C��X�G
WnmKUCg/y3l404ivWY6HPQ==
- �ܧ� AMAgent.properties �H�ϬM�s�ȡA�M�᭫�s�ҰʥN�z�{���C�Ҧp�J
- �ܧ� AMConfig.properties �H�ϬM�s�ȡA�M�᭫�s�Ұ� Identity Server�C�Ҧp�J
- �b Identity Server �z�D���x���A��� [�A�Ȱt�m]>[���x]�C
- �b Cookie ���M�椤�A�ܧ� cookie ���W�١G
�i���s�0t���ɮ�Sun Java System Identity Server 2004Q2 �S���]�t���z�i�H���s�0t���ɮסC
�p���i���D�M���Ѧ^�X�p�G�z�J�즳�� Sun Java System Identity Server �����D�A�ШϥΥH�U���@�P Sun �Ȥ�䴩�H���p���G
- Sun �n��䴩�u�W�A�ȡA���
http://www.sun.com/supportraining���K��ڭ̳̦��Ħa��U�z�ѨM���D�A�Цb�p���䴩�H��ɷdzƦn�H�U��T�G
Sun �w��z���X�N��
Sun ���ө�ﵽ�仡����A���w��z���X�N���M��ij�C�ϥ� Web �����N�N�����ѵ� Sun�G
�Цb��3����줤���ѧ��㪺�����D�H�Τ��s���C���s���� 7 �� 9 ��ơA�i�H�b��n�����D�����Τ�����C�Ҧp�A�o�Ӫ����������s���O 817-7136�C���X�N���ɱz�ٻݭn�b��椤��J����^����D�M��X�C�Ҧp�A����^���X�� 817-5712�A������D���uSun Java Enterprise System Identity Server 2004Q2 Release Notes�v�C
��L Sun �귽�z�i�b�H�U��ں���m��즳�Ϊ� Sun Java System ��T�G
- Sun Java System ������
http://docs.sun.com/db/prod/entsys.04q2 �P
http://docs.sun.com/db/prod/entsys.04q2?l=zh_TW
- Sun Java System �M�~�A��
http://www.sun.com/service/products/software/javaenterprisesystem/- Sun Java System �n�鲣�~�M�A��
http://wwws.sun.com/software/- Sun Java System �n��䴩�A��
http://www.sun.com/supportraining- Sun Java System �䴩�M���Ѯw
http://sunsolve.sun.com- Sun Java System �ԸߩM�M�~�A��
http://www.sun.com/service/products/software/javaenterprisesystem- Sun �}�o�H��䴩�A��
http://www.sun.com/developers/support
Copyright © 2004 Sun Microsystems, Inc. ���v�Ҧ��C
Sun Microsystems, Inc. �糧��Ҵy�z���~���ϥΪ��N�֦�����z���v�C�S�O�O (��ȭ���)�A�o�Ǵ��z���v�i��]�A�@���Φh���b http://www.sun.com/patents �W�C�X�����M�Q�A�H�Τ@���Φh�����M��L��a/�a�Ϫ���L�M�Q�Ϋݧ�M�Q�C
SUN PROPRIETARY/CONFIDENTIAL.
�ϥΥ����~������u���v�W�w�C
���o�檫�i��]�t�Ѩ�O�t�Ӷ}�o����ơC
���~���Y�dz��%i��� Berkeley BSD �t�ΡA�øg�[�{�j�DZ��v�C
Sun�BSun Microsystems�BSun �лx�BJava �M Solaris �O Sun Microsystems, Inc. �b���M��L��a���ӼЩε�U�ӼСC�Ҧ� SPARC �ӼЧ��b���v�U�ϥΡA���̬O SPARC International, Inc. �b���M��L��a/�a�Ϫ��ӼЩε�U�ӼСC