Authentic — Administrator Guide : Service Provider Example: Candle : 俺約

 

Service Provider installation

Service Provider Example: Candle (CandleサンプルSP)

Candle is a Liberty Alliance Service Provider specifically designed to work with Authentic. You may prefer to install your own Service Provider, it may work without any problem if it is compliant with Liberty Alliance. Candle has the advantage of being developped by the Authentic team (the user interface is very similar, beware of confusion) and to be fully operationnal. (CandleはLAのSPでAuthenticと動くように設計しています。)

Authentic-like installation (Authneicと同じようにインストール)

To install Candle under Debian Sarge, just type as root:

echo 'deb http://deb.entrouvert.org/ sarge-experimental' \
  >> /etc/apt/sources.list

This command add the repository which contains all the required packages in your sources.list file.

Still as root type:

apt-get update
apt-get install candle

All the required packages are installed.

Concerning other distributions, download the sources on this site http://lasso.entrouvert.org/links and follow exactly the same steps as for the Authentic installation (Installation with another Linux distribution). (ソースからもできる)

Once the software is installed, the Candle administration interface is available http://candle.example.com/admin.

Public and private keys creation(パブリックキーとプライベートキーの作成)

If you don’t have pem format keys, you need to create them. To create a couple public key/private key with OpenSSL, use the following commands:

Create the private key in a file named name-of-the-private-key.pem:

openssl genrsa -out name-of-the-private-key.pem 2048

Extract the public key from the private key in a file named name-of-the-public-key.pem:

openssl rsa -in name-of-the-private-key.pem -pubout \
    -out name-of-the-public-key.pem
Service Provider creation (SPの作成)

Go on the Candle administration interface http://candle.example.com/admin. Click on the "Settings" tab then on the "Service Provider" link. (Candleの管理画面に行って”Setting”から”Service Provier”リンクをクリック)

the first two fields are automatically filled don’t play with them unless you know what you are doing. (最初の2フィールドはいじるな)

Fields:

  • Provider ID (an username which necessarily a URL); (プロバイダーID)
  • Base URL (All the Liberty Alliance required URLs are under this base URL); (ベースURL)
  • Organisation Name (name of the organisation which manages the identity provider); (組織名)
  • Private Key (pem format private key); (プライベートキー。)
  • Public Key (pem format public key); (パブリックキー)
  • Identity Provider Introduction, Common Domain (the Identity Provider Introduction is a Liberty Alliance mechanism allowing an Identity Provider, for a particular domain, to create a cookie on the client machine. This is useful when several Identity Providers are associated to a Service Provider: this cookie can associate the Service Providers within a domain with the Identity Provider which delivered the cookie.); (IdPイントロダクション、共通ドメイン)
Saving the metadata file(メタデータの保存)

In the Candle administration interface you can save the metadata file. This is usefull when it comes to declare Candle as Service Provider on Authentic. Proceed as follow:

  • click on the "Settings" tab;
  • you see a link " Service Provider Metadata". Do a right click and "save the link target as";
  • choose the file name (for example metadata-candle.xml) and the place you want to save it.

Authentic — Administrator Guide

カテゴリー: 未分類 パーマリンク

コメントを残す

以下に詳細を記入するか、アイコンをクリックしてログインしてください。

WordPress.com ロゴ

WordPress.com アカウントを使ってコメントしています。 ログアウト / 変更 )

Twitter 画像

Twitter アカウントを使ってコメントしています。 ログアウト / 変更 )

Facebook の写真

Facebook アカウントを使ってコメントしています。 ログアウト / 変更 )

Google+ フォト

Google+ アカウントを使ってコメントしています。 ログアウト / 変更 )

%s と連携中