Sun Java �лx     �W�@��      �ؿ�      �d�      �U�@��     

Sun �лx
Sun Java System Communications Express 6 2004Q2 �޲z��n 

�� 4 ��
��{��@�n�J

��@�n�J��@��ϥΪ̥u���q�L�@�����ҡA�Y�i�ϥΦh��3�ε{���A�����g�L���s���ҡC �Ҧp�A�n�J Communications Express ��A�p�G�l��3�ε{�����w�ҥγ�@�n�J�\��A�z�������s�q�L���ҧY�i�ϥζl��3�ε{���C ���צ��L Identity Server ���i�H����@�n�J�C


�`�N

Messenger Express �� Messenger Express Multiplexor (MEM) 3�ӻP Communications Express ���p�b�ۦP�D��W�A�~��ҥΦ�ƾ�P�l�󤧶��A�H�γq�T��P�l��ϥΪ̤����������q���\��C �p�G3�ε{�����p�b���P�D��W�A���w���Ҷq�A�s��N�����\�z�ϥ�3�ε{���������q���\��C


�����]�t�H�U�U�`�G


�� Identity Server �]�w��@�n�J

�U�C���`����p��� Identity Server ����@�n�J�\��]�w�P�ϥ� Communications Express�C

�� Identity Server �ҥ� Communications Express ������@�n�J�\��

�� Communications Express �P Identity Server �@�_���p�ɡACommunications Express �|�ϥ� Identity Sever ����@�n�J���i�����ҡC �I�s�t�m���F�ɷ|�]�w�� 4-1 �����Ϊ��Ҧ��ѼơC �Ш̷��� 4-1 �����Ѫ���n�]�w�ѼơC


�`�N

  • uwcauth.identity.binddn �P uwcauth.identity.bindcred ��3�ӹ�3��w�� Identity Server �ɩҿ�J���ȡC
  • �Ҧp�Auwcauth.identity.binddn=uid=amAdmin�Bou=People�Bo=siroe.example.com�Bo=example.com �P uwcauth.identity.bindcred=password�C

  • �d��� uwcauth.identity.binddn �P uwcauth.identity.bindcred �ȫO���w���A�C
  • �b�s���� 4920222 ����~�o��󥿤��e�A�z�ݭn�N Identity Server ���� jar �ɮ� (<UWC-deployed-path>/ WEB-INF/lib ���� am_sdk.jar �M am_services.jar) ����Ȧs�ؿ�C

�z�i�H�ק� uwcauth.properties �ɤ��� Communications Express �S�w�Ѽ� (�C�b�� 4-1 ��)�A��z���ϥ� Identity Server SSO�C

�� 4-1 ���p UWC �S�w���ѼƥH�ϥ� Identity Server ���q�@�~�s�� Messenger Express

�Ѽ�

�w�]��

�γ~

uwcauth.identity.enabled

True

��w�O�_�w�ҥ� Identity server�C

�ݩʳ]���uTrue�v�Y�i�ҥ� Identity Server�C

uwcauth.identity.login.url

 

��w�ҥ� Identity Server �� SSO �\�઺�t�m�ܼơC �Ѽ�3��� Identity Server ���R�W�A�Ȫ� URL�C

�Ҧp�Auwcauth.identity.login.url=http://siroe.example.com:85/amserver/UI/login

uwcauth.identity.cookiename

iPlanetDirectoryPro

��w Identity Server �ҥΪ� cookie �W�١C

uwcauth.identity.cookiename ����3�ӹ�3�쬰 Identity Server �t�m�����C

uwcauth.identity.binddn

amAdmin BindDN

��w amadmin ������ DN�C

�Ҧp�A

uid=amAdmin, ou=People, o=siroe.example.com, o=example.com

uwcauth.identity.bindcred

amAdminBindCred

��w amadmin ���K�X�C

uwcauth.http.port

80

��w��D SSL �s����W�t�m Communications Express �ɡACommunications Express ��ť���s���𸹽X�C

uwcauth.https.port

443

��w�� Web Server �W�t�m Communications Express �ɡACommunications Express ��ť�� HTTPS �s���𸹽X�C

�� Identity Server �ҥ� Messaging Express ���� SSO �\��

�޲z��i�H�ϥ� msg-svr_install_root/sbin/configutil �u��t�m�� 4-2 ���ҦC���ѼơC �Ъ`�N�A�o�ǰѼƥ����b�w�˫��T�]�w�A�]���w�˵{���|�]�w�o�ǰѼơC

�Y�ݨϥ� configutil �u�㪺�ԲӸ�T�A�аѾ\�uSun Java System Messaging Server �޲z��n�v���� 3 ���G�t�m�@��l��ǰe�\�� (��� /docs/cd/E19263-01/817-7101)�C

�z�i�H�ק�C�b Sun Java System Messaging Sever �t�m���� Messenger Express �S�w�ѼơA�� UWC �ϥΪ̯��ϥ� Identity Server ���q�@�~�s�� Messenger Express�C

�� 4-2 �t�m Messaging Sever �t�m���� Messenger Express �S�w�ѼơA�� UWC �ϥΪ̯��ϥ� Identity Server ���q�@�~�s�� Messenger Express 

�Ѽ�

�d��

�γ~

local.webmail.sso.amnamingurl

 

���t�m�ҥ� Identity Server ���� SSO �\��C

�ܼ�3��� Identity Server ���R�W�A�Ȫ� URL�C

�Ҧp�A

configutil -o local. webmail.sso.amnamingurl -v http://siroe.example.com:85/amserver/namingservice

local.webmail.sso.uwcenabled

1

���\ UWC �ϥΪ̦s�� Messenger Express�C

local.webmail.sso.uwclogouturl

http://siroe.example.com:85/base/UWCmain?op=logout

�b�D�� URI (�Ҧp /uwc) �����p Communications Express �ɡA���Ѽƪ��Ȭ��G

http://siroe.example.com:85/uwc/base/UWCmain?op=logout

��w Messenger Express �ΨӨ� UWC ���q�@�~���Ī� URL�C

local.webmail.sso.uwcport

85

��w UWC HTTP �s����C

local.webmail.sso.uwccontexturi

uwc

��w���p UWC ����|�C

�u���� UWC ���p�b�D�� URI �ɤ~�n��w���ѼơC �Ҧp�A�p�G UWC ���p�b /uwc�A�h local.webmail.sso.uwccontexturi=uwc

local.webmail.sso.amcookiename

iPlanetDirectoryPro

��w Identity Sever ���q�@�~ cookie�C

�T�w�b uwcauth.properties �ɮפ��A uwcauth.appprefix ���ȳ]�� local.webmail.sso.amcookiename ���ȡC

local.webmail.sso.uwchome

 

��w�s�� Mast ���Y�����D���s���һݪ� url�C

UWC �P Identity Server SSO �@�P�B�@���覡

  1. �p�G�ҥ� Identity Server�A�h���ҥ� Identity Server ���A�ӥB cookie �]�w�� uwcauth.properties �ɤ��� uwcauth.identity.cookiename �ҫ�w���W�١C
  2. Communications Express �ϥ� Identity Server SDK �ǰe�ШD�� Identity Server �R�W URL�A�H���� cookie �O�_���ġC Identity Server �R�W URL �O�q��ƭȬ��H�U�榡����Ȥ��D��o�ӡG
  3. <protocol>://<host>:<port>/<content URI>

    �Ҧp�Ahttp://siroe.example.com:/amserver

    �Ҧp�Ahttp://siroe.com:80/amserver

  4. ���Ҧ��\���ҫ�AUWC �q SSO SDK ������ϥΪ� ID �P��´ DN�C
  5. UWC ���Ҭ��S�w�ϥΪ̱ҥΪ��A�ȡA�ëإߥ���q�@�~�C
  6. �� Identity ���q�@�~�O�ɡA�Ϊ̨ϥΪ̵n�X�� Identity ���q�@�~�Q�P���AUWC ���q�@�~�|���ġA�í��s�ɦV�� UWC �n�J���C


�� Messaging SSO �]�w��@�n�J

�o�@�`����p��� Messaging Server ��@�n�J�\��]�w�P�ϥ� Communications Express�C �t�m���F���|�]�w���j��ʪ� SSO ����ѼơC �z�����̷ӥH�U�Ĥ@�βĤG�`�ҥܤ�ʳ]�w�ݭn���ѼơC

�ϥ� Messaging SSO �ҥ� Communications Express

�z�i�H�ק� uwcauth.properties �ɤ����l��S�w�Ѽ� (�C���� 4-3 ��)�A�� Communications Express �ϥΪ̯��ϥ� Messaging SSO �s�� Messenger Express�C

�� 4-3 �t�m uwcauth.properties �ɤ����l��S�w�Ѽ�

�Ѽ�

�w�]��

�γ~

uwcauth.sessioncookie

JSESSIONID

��w servlet �e���ΨӰl�ܶ��q�@�~�� cookie �W�١C

uwcauth.appprefix

 

 

��w�D��3�ε{�����e��C

�e��O�ΨӴM���@�n�J�L�{���Ѩ�L�i�H��3�ε{���Ҳ��ͪ� cookie�C

�p�G���p�ϥ� Messaging SSO�A���ݩ�3�ӫ�w���T���ǰe�t�m�L�{���]�w�� local.webmail.sso.prefix �ȡC

uwcauth.appid

uwc

��w�]�t�D��3�ε{�����ߤ@3�ε{�� ID �� cookie �W�١C

uwcauth.cookiedomain

 

��w�x�s����@�n�J cookie �@���*����W�١C

�ȥ����H�p���I�� (.) �}�l�A�Ҧp�A�u.example.com�v(�?���X�檺�D��W�٬O siroe.example.com ��)�C

uwcauth.messagingsso.enable

 

True

�ҥΩΰ��ΰT���ǰe���Ҧ���@�n�J�\��C

�N���ѼƳ]���uTrue�v�i�ҥγ�@�n�J�A�]���uFalse�v�h���γ�@�n�J�C

uwcauth.messagingsso.cookiepath

/

��w�x�s����@�n�J cookie �@���*����θ�|�C

uwcauth.messagingsso.singlesignoff

True

�p�G�]���uTrue�v�AUWC �P Messenger Express ���q�@�~���|���ġA�ӥB�|�N�ϥΪ̭��s�ɦV�ܵn�J���C �_�h�A�u�� Messenger Express ���q�@�~�|���ġC

messagingsso.xxx.url

http://servername/ VerifySSO?

��w������ SSO cookie �� URL�C

xxx ����3�ӥΦ�A����3�ε{�� ID ��N�C

�Ҧp�A�p�G�n�� Messaging Server �ҥ�3�ε{�� ID ���umsg60�v�� SSO �\��A�z�����[�J�U�C�t�m�ѼơG

mesagingsso.msg60.url=http://servername/VerifySSO?

���B���Ϊ� xxx ��3�ӻP Messenger Express ���� local.webmail.sso.id ��w���ȧ����@�ˡC

messagingsso.uwc.url

 

 

http://servername:85/VerifySSO?

�� Communications Express ���p�b�D�� URI (�Ҧp /uwc) �ɡA�Ѽƪ��w�]�Ȭ��G

http://servername:85/uwc/VerifySSO?

��w UWC ��A�������� URL�C

�p�G���s��L�o����A���� uwcauth.appid �ȡA�бN messagingsso.uwc.url ���� uwc �H�s�� uwcauth.appid ��N�C

messagingsso.appid

ims

UWC �ϥγo�� cookie �M�w�O�_�n�� Messenger Express �o�X�n�X�ШD�C

messagingsso.appid ����3�ӻP�T���ǰe�t�m�L�{���]�w�� local.webmail.sso.id �@���C

�ϥ� Messaging SSO �ҥ� Messaging Server

�z�i�H�� configutil ���ε{�� (msg-svr_install_root/sbin/configutil) �ק�l��S�w�Ѽ� (�C���� 4-4 ��)�A�� UWC �ϥΪ̯��ϥ� Messaging SSO �s�� Messenger Express�C

�� 4-4 �t�m Messaging Server �t�m���� Messenger Express �ѼơA�� UWC �ϥΪ̯��ϥ� Messaging SSO �s�� Messenger Express 

�Ѽ�

�d��

�γ~

local.sso.<uwc-appid>.verifyurl

http://siroe.example.com:85/VerifySSO?

�� Communications Express ���p�b�D�� URI (�Ҧp /uwc) �ɡA�Ѽƪ��w�]�Ȭ��G

http://siroe.example.com:85/uwc/VerifySSO?

��w Messenger Express �ϥΪ� URL�A�Ψ����Ҩ㦳 UWC �� cookie�C

<uwc-appid> ����3�ӹ�3�� uwcauth.properties �ɤ����Ѫ� appid �ȡC

local.webmail.sso.cookiedomain

.example.com

���Ѽƪ��r��ȥΩ�]�w�� Messenger Express HTTP ��A���]�w���Ҧ� SSO cookie �� cookie ���ȡC

�ȥ����H�y�� (.) �}�l�A�Ҧp�A�u.example.com�v(�?���X�檺�D��W�٬O siroe.example.com ��)�C

�T�w�����Ѽƫ�w���ȻP uwcauth.cookiedomain ����J�ȬۦP

local.webmail.sso.enable

1

�ҥΩΰ��� Messaging SSO ����@�n�J�\��C

local.webmail.sso.ims.verifyurl

http://siroe.example.com/VerifySSO?

���B���] webmail ���p��s���� 80�C

��w������ SSO cookie �� URL�C

local.webmail.sso.prefix

 

��w�ΨӴM��Ѩ�L�i�H��3�ε{���� SSO �Ҳ��ͪ� cookie ���D��3�ε{���e��C

�T�w���ȹ�3�� uwcauth.appprefix ����J�ȡC

local.webmail.sso.singlesignoff

1

�p�G�]�� True�A��ϥΪ̵n�X�ɡA��A���|�����ŦX sso.apprefix �Ȫ��ϥΪ̪��Ҧ���@�n�J cookie�C

�p�G�]�� False�A��A���u�|�������@�n�J�ϥΪ� cookie�C

local.webmail.sso.uwcenabled

1

�ҥΩΰ��� UWC �ϥΪ̦s�� Messenger Express�C

local.webmail.sso.uwclogouturl

http://siroe.example.com:85/base/UWCMain?op=logout

�� Communications Express ���p�b�D�� URI (�Ҧp /uwc) �ɡA�Ѽƪ��w�]�Ȭ��G

http://siroe.example.com:85/uwc/base/UWCMain?op=logout

��w Messenger Express �ΨӨ� UWC ���q�@�~���Ī� URL�C

local.webmail.sso.uwcport

85

��w UWC HTTP �s����C

local.webmail.sso.uwccontexturi

uwc

��w���p UWC ����|�C

�u���� UWC ���p�b�D�� URI �ɤ~�n��w���ѼơC �Ҧp�A�p�G UWC ���p�b�u/uwc�v�A�h local.webmail.sso.uwccontexturi=uwc

local.webmail.sso.uwchome

http://www.sun.com

��w�s�� Mast ���Y�����D���s���һݪ� url�C

Communications Express �P Messaging SSO �@�P�B�@���覡

�� 4-1 �� Messaging SSO �]�w��@�n�J�\��

�b Identity Server ���s�b�����p�U�ҥγ�@�n�J�\��

��ϥΪ̵n�J Communications Express �ɡA�Τ@ Web �Τ�ݷ|���ҨϥΪ̡A�æb�s����@���q�@�~�� cookie�C �����q�@�~�� cookie �W�ٱĥΤU�C�榡�G

uwcauth.appprefix + "-" + uwcauth.appid.

�Y Messenger Express ���w�ҥ� SSO �\��A�h�q UWC �s�� Messenger Express �ɡG


�]�w Identity Server SSO �P Messaging SSO �@�P���Ѽ�


�`�N

Communications Express �P Messenger Express 3�ӥH�ۦP���q�T��w (http �� https) ���p�C


�� 4-5 �C�X uwcconfig.properties �ɤ����`�� UWC �S�w�ѼơC �t�m Communications Express �ɶ��]�w�o�ǰѼơC

�� 4-5 �t�m Communications Express �ɱ`�Ϊ� UWC �S�w�Ѽ�

�Ѽ�

�d��

�y�z

mail.deployed

True

�ҥΩΰ��� UWC �����l��s��C

�p�G�w���p Messenger Express�A�ݩʳ]���uTrue�v�C

webmail.host

siroe.example.com

��w Messenger Express (�� MEM) ���D��W�١C Messenger Express ���D��W��3�ӹ�3�� UWC ���D��W�١C

webmail.port

80

��w��� Messenger Express ���s���𸹽X�C


�b Communications Express ���s�� Messenger Express

Communications Express �|�̷ӤU�C���ǡA�ھ� LDAP �ݩʪ��ȨM�w�O�_��ϥΪ���� [�l��] ���ҡG

mailDeployed (appl level) -> inetDomainStatus(domain level) -> mailDomainStatus(domain level) -> inetUserStatus(user level) -> mailUserStatus(user level)

�Y�ݳo�� LDAP �ݩʪ��ԲӸ�T�A�аѾ\�uSun Java System Communications Services 6 Schema Reference Guide�v�C



�W�@��      �ؿ�      �d�      �U�@��     


Copyright © 2004 Sun Microsystems, Inc. ���v�Ҧ��C