�� 4 ��
��{��@�n�J
��@�n�J��@��ϥΪ̥u���q�L�@�����ҡA�Y�i�ϥΦh��3�ε{���A�����g�L���s���ҡC �Ҧp�A�n�J Communications Express ��A�p�G�l��3�ε{�����w�ҥγ�@�n�J�\��A�z�������s�q�L���ҧY�i�ϥζl��3�ε{���C ���צ��L Identity Server ���i�H����@�n�J�C
|
�`�N
|
Messenger Express �� Messenger Express Multiplexor (MEM) 3�ӻP Communications Express ���p�b�ۦP�D��W�A�~��ҥΦ�ƾ�P�l���A�H�γq�T��P�l��ϥΪ̤����������q���\��C �p�G3�ε{�����p�b���P�D��W�A���w���Ҷq�A�s��N�����\�z�ϥ�3�ε{���������q���\��C
|
|
�����]�t�H�U�U�`�G
�� Identity Server �]�w��@�n�J
�U�C���`����p��� Identity Server ����@�n�J�\��]�w�P�ϥ� Communications Express�C
�� Identity Server �ҥ� Communications Express ������@�n�J�\��
�� Communications Express �P Identity Server �@�_���p�ɡACommunications Express �|�ϥ� Identity Sever ����@�n�J���i�����ҡC �I�s�t�m���F�ɷ|�]�w�� 4-1 �����Ϊ��Ҧ��ѼơC �Ш̷��� 4-1 �����Ѫ���n�]�w�ѼơC
|
�`�N
|
- uwcauth.identity.binddn �P uwcauth.identity.bindcred ��3�ӹ�3��w�� Identity Server �ɩҿ�J���ȡC
�Ҧp�Auwcauth.identity.binddn=uid=amAdmin�Bou=People�Bo=siroe.example.com�Bo=example.com �P uwcauth.identity.bindcred=password�C
- �d��� uwcauth.identity.binddn �P uwcauth.identity.bindcred �ȫO���w���A�C
- �b�s���� 4920222 ����~�o����e�A�z�ݭn�N Identity Server ���� jar �ɮ� (<UWC-deployed-path>/ WEB-INF/lib ���� am_sdk.jar �M am_services.jar) ����Ȧs�ؿ�C
|
|
�z�i�H�ק� uwcauth.properties �ɤ��� Communications Express �S�w�Ѽ� (�C�b�� 4-1 ��)�A��z���ϥ� Identity Server SSO�C
�� 4-1 ���p UWC �S�w���ѼƥH�ϥ� Identity Server ���q�@�~�s�� Messenger Express
�Ѽ�
|
�w�]��
|
�γ~
|
uwcauth.identity.enabled
|
True
|
��w�O�_�w�ҥ� Identity server�C
�ݩʳ]���uTrue�v�Y�i�ҥ� Identity Server�C
|
uwcauth.identity.login.url
|
|
��w�ҥ� Identity Server �� SSO �\��t�m�ܼơC �Ѽ�3��� Identity Server ���R�W�A�Ȫ� URL�C
�Ҧp�Auwcauth.identity.login.url=http://siroe.example.com:85/amserver/UI/login
|
uwcauth.identity.cookiename
|
iPlanetDirectoryPro
|
��w Identity Server �ҥΪ� cookie �W�١C
uwcauth.identity.cookiename ����3�ӹ�3�쬰 Identity Server �t�m�����C
|
uwcauth.identity.binddn
|
amAdmin BindDN
|
��w amadmin ������ DN�C
�Ҧp�A
uid=amAdmin, ou=People, o=siroe.example.com, o=example.com
|
uwcauth.identity.bindcred
|
amAdminBindCred
|
��w amadmin ���K�X�C
|
uwcauth.http.port
|
80
|
��w��D SSL �s����W�t�m Communications Express �ɡACommunications Express ��ť���s���X�C
|
uwcauth.https.port
|
443
|
��w�� Web Server �W�t�m Communications Express �ɡACommunications Express ��ť�� HTTPS �s���X�C
|
�� Identity Server �ҥ� Messaging Express ���� SSO �\��
�z��i�H�ϥ� msg-svr_install_root/sbin/configutil �u��t�m�� 4-2 ���ҦC���ѼơC �Ъ`�N�A�o�ǰѼƥ����b�w�˫��T�]�w�A�]���w�˵{���|�]�w�o�ǰѼơC
�Y�ݨϥ� configutil �u�㪺�ԲӸ�T�A�аѾ\�uSun Java System Messaging Server �z��n�v���� 3 ���G�t�m�@��l��ǰe�\�� (��� /docs/cd/E19263-01/817-7101)�C
�z�i�H�ק�C�b Sun Java System Messaging Sever �t�m���� Messenger Express �S�w�ѼơA�� UWC �ϥΪ̯��ϥ� Identity Server ���q�@�~�s�� Messenger Express�C
�� 4-2 �t�m Messaging Sever �t�m���� Messenger Express �S�w�ѼơA�� UWC �ϥΪ̯��ϥ� Identity Server ���q�@�~�s�� Messenger Express
�Ѽ�
|
�d��
|
�γ~
|
local.webmail.sso.amnamingurl
|
|
���t�m�ҥ� Identity Server ���� SSO �\��C
�ܼ�3��� Identity Server ���R�W�A�Ȫ� URL�C
�Ҧp�A
configutil -o local. webmail.sso.amnamingurl -v http://siroe.example.com:85/amserver/namingservice
|
local.webmail.sso.uwcenabled
|
1
|
���\ UWC �ϥΪ̦s�� Messenger Express�C
|
local.webmail.sso.uwclogouturl
|
http://siroe.example.com:85/base/UWCmain?op=logout
�b�D�� URI (�Ҧp /uwc) �����p Communications Express �ɡA���Ѽƪ��Ȭ��G
http://siroe.example.com:85/uwc/base/UWCmain?op=logout
|
��w Messenger Express �ΨӨ� UWC ���q�@�~���Ī� URL�C
|
local.webmail.sso.uwcport
|
85
|
��w UWC HTTP �s����C
|
local.webmail.sso.uwccontexturi
|
uwc
|
��w���p UWC ����|�C
�u���� UWC ���p�b�D�� URI �ɤ~�n��w���ѼơC �Ҧp�A�p�G UWC ���p�b /uwc�A�h local.webmail.sso.uwccontexturi=uwc
|
local.webmail.sso.amcookiename
|
iPlanetDirectoryPro
|
��w Identity Sever ���q�@�~ cookie�C
�T�w�b uwcauth.properties �ɮפ��A uwcauth.appprefix ���ȳ]�� local.webmail.sso.amcookiename ���ȡC
|
local.webmail.sso.uwchome
|
|
��w�s�� Mast ���Y�����D���s���һݪ� url�C
|
UWC �P Identity Server SSO �@�P�B�@���覡
- �p�G�ҥ� Identity Server�A�h���ҥ� Identity Server ���A�ӥB cookie �]�w�� uwcauth.properties �ɤ��� uwcauth.identity.cookiename �ҫ�w���W�١C
- Communications Express �ϥ� Identity Server SDK �ǰe�ШD�� Identity Server �R�W URL�A�H���� cookie �O�_���ġC Identity Server �R�W URL �O�q��ƭȬ��H�U�榡����Ȥ��D��o�ӡG
<protocol>://<host>:<port>/<content URI>
�Ҧp�Ahttp://siroe.example.com:/amserver
�Ҧp�Ahttp://siroe.com:80/amserver
- ���Ҧ��\���ҫ�AUWC �q SSO SDK ������ϥΪ� ID �P��´ DN�C
- UWC ���Ҭ��S�w�ϥΪ̱ҥΪ��A�ȡA�ëإߥ���q�@�~�C
- �� Identity ���q�@�~�O�ɡA�Ϊ̨ϥΪ̵n�X�� Identity ���q�@�~�Q�P���AUWC ���q�@�~�|���ġA�í��s�ɦV�� UWC �n�J���C
�� Messaging SSO �]�w��@�n�J
�o�@�`����p��� Messaging Server ��@�n�J�\��]�w�P�ϥ� Communications Express�C �t�m���F���|�]�w���j��ʪ� SSO ����ѼơC �z�����̷ӥH�U�Ĥ@�βĤG�`�ҥܤ�ʳ]�w�ݭn���ѼơC
�ϥ� Messaging SSO �ҥ� Communications Express
�z�i�H�ק� uwcauth.properties �ɤ����l��S�w�Ѽ� (�C���� 4-3 ��)�A�� Communications Express �ϥΪ̯��ϥ� Messaging SSO �s�� Messenger Express�C
�� 4-3 �t�m uwcauth.properties �ɤ����l��S�w�Ѽ�
�Ѽ�
|
�w�]��
|
�γ~
|
uwcauth.sessioncookie
|
JSESSIONID
|
��w servlet �e���ΨӰl�ܶ��q�@�~�� cookie �W�١C
|
uwcauth.appprefix
|
|
��w�D��3�ε{�����e��C
�e��O�ΨӴM���@�n�J�L�{���Ѩ�L�i�H��3�ε{���Ҳ��ͪ� cookie�C
�p�G���p�ϥ� Messaging SSO�A���ݩ�3�ӫ�w���T���ǰe�t�m�L�{���]�w�� local.webmail.sso.prefix �ȡC
|
uwcauth.appid
|
uwc
|
��w�]�t�D��3�ε{�����ߤ@3�ε{�� ID �� cookie �W�١C
|
uwcauth.cookiedomain
|
|
��w�x�s����@�n�J cookie �@���*����W�١C
�ȥ����H�p���I�� (.) �}�l�A�Ҧp�A�u.example.com�v(�?���X�檺�D��W�٬O siroe.example.com ��)�C
|
uwcauth.messagingsso.enable
|
True
|
�ҥΩΰ��ΰT���ǰe���Ҧ���@�n�J�\��C
�N���ѼƳ]���uTrue�v�i�ҥγ�@�n�J�A�]���uFalse�v�h���γ�@�n�J�C
|
uwcauth.messagingsso.cookiepath
|
/
|
��w�x�s����@�n�J cookie �@���*����θ�|�C
|
uwcauth.messagingsso.singlesignoff
|
True
|
�p�G�]���uTrue�v�AUWC �P Messenger Express ���q�@�~���|���ġA�ӥB�|�N�ϥΪ̭��s�ɦV�ܵn�J���C �_�h�A�u�� Messenger Express ���q�@�~�|���ġC
|
messagingsso.xxx.url
|
http://servername/ VerifySSO?
|
��w������ SSO cookie �� URL�C
xxx ����3�ӥΦ�A����3�ε{�� ID ��N�C
�Ҧp�A�p�G�n�� Messaging Server �ҥ�3�ε{�� ID ���umsg60�v�� SSO �\��A�z�����[�J�U�C�t�m�ѼơG
mesagingsso.msg60.url=http://servername/VerifySSO?
���B���Ϊ� xxx ��3�ӻP Messenger Express ���� local.webmail.sso.id ��w���ȧ����@�ˡC
|
messagingsso.uwc.url
|
http://servername:85/VerifySSO?
�� Communications Express ���p�b�D�� URI (�Ҧp /uwc) �ɡA�Ѽƪ��w�]�Ȭ��G
http://servername:85/uwc/VerifySSO?
|
��w UWC ��A�������� URL�C
�p�G���s��L�o����A���� uwcauth.appid �ȡA�бN messagingsso.uwc.url ���� uwc �H�s�� uwcauth.appid ��N�C
|
messagingsso.appid
|
ims
|
UWC �ϥγo�� cookie �M�w�O�_�n�� Messenger Express �o�X�n�X�ШD�C
messagingsso.appid ����3�ӻP�T���ǰe�t�m�L�{���]�w�� local.webmail.sso.id �@���C
|
�ϥ� Messaging SSO �ҥ� Messaging Server
�z�i�H�� configutil ���ε{�� (msg-svr_install_root/sbin/configutil) �ק�l��S�w�Ѽ� (�C���� 4-4 ��)�A�� UWC �ϥΪ̯��ϥ� Messaging SSO �s�� Messenger Express�C
�� 4-4 �t�m Messaging Server �t�m���� Messenger Express �ѼơA�� UWC �ϥΪ̯��ϥ� Messaging SSO �s�� Messenger Express
�Ѽ�
|
�d��
|
�γ~
|
local.sso.<uwc-appid>.verifyurl
|
http://siroe.example.com:85/VerifySSO?
�� Communications Express ���p�b�D�� URI (�Ҧp /uwc) �ɡA�Ѽƪ��w�]�Ȭ��G
http://siroe.example.com:85/uwc/VerifySSO?
|
��w Messenger Express �ϥΪ� URL�A�Ψ����Ҩ㦳 UWC �� cookie�C
<uwc-appid> ����3�ӹ�3�� uwcauth.properties �ɤ����Ѫ� appid �ȡC
|
local.webmail.sso.cookiedomain
|
.example.com
|
���Ѽƪ��r��ȥΩ�]�w�� Messenger Express HTTP ��A���]�w���Ҧ� SSO cookie �� cookie ���ȡC
�ȥ����H�y�� (.) �}�l�A�Ҧp�A�u.example.com�v(�?���X�檺�D��W�٬O siroe.example.com ��)�C
�T�w�����Ѽƫ�w���ȻP uwcauth.cookiedomain ����J�ȬۦP
|
local.webmail.sso.enable
|
1
|
�ҥΩΰ��� Messaging SSO ����@�n�J�\��C
|
local.webmail.sso.ims.verifyurl
|
http://siroe.example.com/VerifySSO?
���B���] webmail ���p��s���� 80�C
|
��w������ SSO cookie �� URL�C
|
local.webmail.sso.prefix
|
|
��w�ΨӴM��Ѩ�L�i�H��3�ε{���� SSO �Ҳ��ͪ� cookie ���D��3�ε{���e��C
�T�w���ȹ�3�� uwcauth.appprefix ����J�ȡC
|
local.webmail.sso.singlesignoff
|
1
|
�p�G�]�� True�A��ϥΪ̵n�X�ɡA��A���|�����ŦX sso.apprefix �Ȫ��ϥΪ̪��Ҧ���@�n�J cookie�C
�p�G�]�� False�A��A���u�|�������@�n�J�ϥΪ� cookie�C
|
local.webmail.sso.uwcenabled
|
1
|
�ҥΩΰ��� UWC �ϥΪ̦s�� Messenger Express�C
|
local.webmail.sso.uwclogouturl
|
http://siroe.example.com:85/base/UWCMain?op=logout
�� Communications Express ���p�b�D�� URI (�Ҧp /uwc) �ɡA�Ѽƪ��w�]�Ȭ��G
http://siroe.example.com:85/uwc/base/UWCMain?op=logout
|
��w Messenger Express �ΨӨ� UWC ���q�@�~���Ī� URL�C
|
local.webmail.sso.uwcport
|
85
|
��w UWC HTTP �s����C
|
local.webmail.sso.uwccontexturi
|
uwc
|
��w���p UWC ����|�C
�u���� UWC ���p�b�D�� URI �ɤ~�n��w���ѼơC �Ҧp�A�p�G UWC ���p�b�u/uwc�v�A�h local.webmail.sso.uwccontexturi=uwc
|
local.webmail.sso.uwchome
|
http://www.sun.com
|
��w�s�� Mast ���Y�����D���s���һݪ� url�C
|
Communications Express �P Messaging SSO �@�P�B�@���覡
�� 4-1 �� Messaging SSO �]�w��@�n�J�\��
��ϥΪ̵n�J Communications Express �ɡA�Τ@ Web �Τ�ݷ|���ҨϥΪ̡A�æb�s����@���q�@�~�� cookie�C �����q�@�~�� cookie �W�ٱĥΤU�C�榡�G
uwcauth.appprefix + "-" + uwcauth.appid.
�Y Messenger Express ���w�ҥ� SSO �\��A�h�q UWC �s�� Messenger Express �ɡG
- Messenger Express �������W�٥H local.webmail.sso.prefix ���t�m���ȶ}�Y���Ҧ� cookie�C�ÿ�ܥ]�t UWC appid �� cookie �i�����ҡC
- Messenger Express �ϥ� local.webmail.sso.uwccontexturi �P local.webmail.sso.uwcport �Ѽƫإ߾A�? UWC URL�C
uwcport �O���p Communications Express ���s����C
�Ҧp�A�p�G UWC �P Messenger Express ���p�b siroe.varrius.com �W�AMessenger Express �|�H�U�C�榡�إ� URL �r��G
http(s)://siroe.varrius.com:local.webmail.sso.uwcport/local.webmail.sso.uwccontexturi
- Messenger Express �ǰe���ҽШD�� local.sso.uwc.verifyurl�A�H���Ҩ㦳 UWC �� cookie �ȡC
- UWC ���ҹL�ϥΪ̾��ҫ�AMessenger Express ������ϥΪ� ID �M����T�C
- �M��AMessenger Express �|�إߥ���q�@�~�A����ܸӨϥΪ̪��q�l�H�c�C
- ��ϥΪ̫�@�U�n�X�ɡA�n�X�ШD�|���� Messenger Express�A�� Messenger Express ���q�@�~���ġC �� Messenger express ���q�@�~���ī�A���|�N�ϥΪ̭��s�ɦV�� Communications Express ���n�X url�C Communications Express �|�Ϩ䶥�q�@�~���ġA�ñN�ϥΪ̭��s�ɦV�ܵn�J���C
�]�w Identity Server SSO �P Messaging SSO �@�P���Ѽ�
|
�`�N
|
Communications Express �P Messenger Express 3�ӥH�ۦP���q�T��w (http �� https) ���p�C
|
|
�� 4-5 �C�X uwcconfig.properties �ɤ����`�� UWC �S�w�ѼơC �t�m Communications Express �ɶ��]�w�o�ǰѼơC
�� 4-5 �t�m Communications Express �ɱ`�Ϊ� UWC �S�w�Ѽ�
�Ѽ�
|
�d��
|
�y�z
|
mail.deployed
|
True
|
�ҥΩΰ��� UWC �����l��s��C
�p�G�w���p Messenger Express�A�ݩʳ]���uTrue�v�C
|
webmail.host
|
siroe.example.com
|
��w Messenger Express (�� MEM) ���D��W�١C Messenger Express ���D��W��3�ӹ�3�� UWC ���D��W�١C
|
webmail.port
|
80
|
��w��� Messenger Express ���s���X�C
|
�b Communications Express ���s�� Messenger Express
Communications Express �|�̷ӤU�C���ǡA�ھ� LDAP �ݩʪ��ȨM�w�O�_��ϥΪ���� [�l��] ���ҡG
mailDeployed (appl level) -> inetDomainStatus(domain level) -> mailDomainStatus(domain level) -> inetUserStatus(user level) -> mailUserStatus(user level)
�Y�ݳo�� LDAP �ݩʪ��ԲӸ�T�A�аѾ\�uSun Java System Communications Services 6 Schema Reference Guide�v�C