![]() | |
Sun™ Identity Manager 8.0 ÇÛÈ÷¥Ä¡¼¥ë |
Âè 5 ¾Ï
Identity Manager Web ¥µ¡¼¥Ó¥¹¤Ç¤Î SPML 2.0 ¤Î»ÈÍѤ³¤Î¾Ï¤Ç¤Ï¡¢Identity Manager 8.0 ¤Ç¥µ¥Ý¡¼¥È¤µ¤ì¤ë SPML 2.0 ¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Æ¤¤¤Þ¤¹¡£¤³¤ì¤Ë¤Ï¡¢¥µ¥Ý¡¼¥È¤µ¤ì¤ëµ¡Ç½¤È¤½¤ÎÍýͳ¡¢SPML 2.0 ¥µ¥Ý¡¼¥È¤ÎÀßÄêÊýË¡¡¢¥Õ¥£¡¼¥ë¥É¤Ç¤Î¥µ¥Ý¡¼¥È¤Î³ÈÄ¥ÊýË¡¤¬´Þ¤Þ¤ì¤Þ¤¹¡£
Ãí
¤³¤Î¾Ï¤Ç¤Ï¡¢SPML 2.0 ¤Î¤ß¤ò°·¤¤¤Þ¤¹¡£ÆÃ¤ËÌÀµ¤µ¤ì¤Æ¤¤¤Ê¤¤¤«¤®¤ê¡¢¤³¤Î¾Ï¤Ç¤Î SPML ¤Ø¤Î»²¾È¤Ï¤¹¤Ù¤Æ version 2.0 ¤ò¼¨¤·¤Æ¤¤¤Þ¤¹¡£
SPML ¤Î»ÈÍÑÊýË¡¤Ë¤Ä¤¤¤Æ¡¢ÌòΩ¤Ä¾ðÊó¤¬´Þ¤Þ¤ì¤Æ¤¤¤ë¡¢Âè 4 ¾Ï¡ÖIdentity Manager Web ¥µ¡¼¥Ó¥¹¤Ç¤Î SPML 1.0 ¤Î»ÈÍѡפâÆÉ¤Þ¤ì¤ë¤³¤È¤ò¤ª´«¤á¤·¤Þ¤¹¡£
¤³¤Î¾ðÊó¤Ï¡¢¼¡¤Î¤è¤¦¤Ë¹½À®¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
³«»Ï¤¹¤ëÁ°¤ËIdentity Manager Web ¥µ¡¼¥Ó¥¹¤ÎÁàºî¤ò³«»Ï¤¹¤ëÁ°¤Ë¡¢°Ê²¼¤ÎÀá¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£
ÂÐ¾ÝÆÉ¼Ô
¤³¤Î¾Ï¤Ï¡¢¥¢¥×¥ê¥±¡¼¥·¥ç¥ó³«È¯¼Ô¤ª¤è¤Ó Identity Manager ¤ÎÇÛÈ÷¡¢¼ê³¤·¿¥í¥¸¥Ã¥¯¤Î¼ÂÁõ¡¢SPML 2.0 ¥¯¥é¥¹¤ò»ÈÍѤ·¤¿¥µ¡¼¥Ó¥¹¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥°Í×µá¥á¥Ã¥»¡¼¥¸¤Î¥Õ¥©¡¼¥Þ¥Ã¥È¤ä±þÅú¥á¥Ã¥»¡¼¥¸¤Î²òÀϤʤɤòôÅö¤¹¤ë³«È¯¼Ô¤òÂоݤȤ·¤Æ¤¤¤Þ¤¹¡£
½ÅÍפÊÃí°ÕÅÀ
SPML 2.0 ¤òÁàºî¤¹¤ëÁ°¤Ë¡¢¼¡¤Î»öÊÁ¤ËÃí°Õ¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
- Identity Manager Web ¥µ¡¼¥Ó¥¹¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤ÎÁàºî¤ÇºÇ¹â¤Î¥Ñ¥Õ¥©¡¼¥Þ¥ó¥¹¤òÆÀ¤ë¤Ë¤Ï¡¢Identity Manager ¤ËƱº¤µ¤ì¤Æ¤¤¤ë OpenSPML ¥Ä¡¼¥ë¥¥Ã¥È¤ò»ÈÍѤ·¤Æ¤¯¤À¤µ¤¤¡£ http://www.openspml.org/ Web ¥µ¥¤¥È¤Ë¤¢¤ë openspml.jar ¥Õ¥¡¥¤¥ë¤ò»ÈÍѤ¹¤ë¤È¡¢¥á¥â¥ê¡¼¥ê¡¼¥¯¤¬È¯À¸¤¹¤ë²ÄǽÀ¤¬¤¢¤ê¤Þ¤¹¡£
- SPML 2.0 ¤ò¼ÂÁõ¤¹¤ë¤È¤¤Ï¡¢¥¹¥¡¼¥Þ¤Ë spml2ObjectClass °À¤òÄɲ乤ë¤è¤¦¤ËÀßÄê¤òÊѹ¹¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£°ÊÁ°¤Î¥ê¥ê¡¼¥¹¤ÇÄ󶡤µ¤ì¤¿ objectclass °ÀÃͤϡ¢¸½ºß spml2ObjectClass °À¤È¤·¤Æ°Ý»ý¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
- SPML 2.0 ¤ò»ÈÍѤ·¤Æ Identity Manager Service Provider (¥µ¡¼¥Ó¥¹¥×¥í¥Ð¥¤¥À) µ¡Ç½¤Ë¥¢¥¯¥»¥¹¤¹¤ë¤³¤È¤Ï¤Ç¤¤Þ¤»¤ó¡£¤³¤ì¤é¤Îµ¡Ç½¤Ï¡¢SPML version 1.0 ¤Ç»ÈÍѤǤ¤Þ¤¹¡£
´ØÏ¢¥É¥¥å¥á¥ó¥È¤È Web ¥µ¥¤¥È
SPML ¤Î»ÈÍÑÊýË¡¤Ë´Ø¤¹¤ë¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï¡¢¤³¤Î¾Ï¤ÇÄ󶡤µ¤ì¤ë¾ðÊó¤Î¤Û¤«¤Ë¡¢¤³¤ÎÀá¤Ç¼¨¤¹¥Þ¥Ë¥å¥¢¥ë¤ª¤è¤Ó Web ¥µ¥¤¥È¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£
¿ä¾©¥É¥¥å¥á¥ó¥È
SPML version 1.0 ¤Î»ÈÍÑÊýË¡¤Î¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï¡¢Ëܽñ¤ÎÂè 4 ¾Ï¡ÖIdentity Manager Web ¥µ¡¼¥Ó¥¹¤Ç¤Î SPML 1.0 ¤Î»ÈÍѡפò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£
ÍÍÑ¤Ê Web ¥µ¥¤¥È
OpenSPML ¤Î»ÈÍÑÊýË¡¤ò»²¾È¤·¤¿¤ê¡¢SPML 2.0 »ÅÍͤòÆÉ¤ó¤À¤ê¡¢OpenSPML 2.0 Toolkit ¤ò¥À¥¦¥ó¥í¡¼¥É¤·¤¿¤ê¤¹¤ë¤Ë¤Ï¡¢¼¡¤Î Web ¥µ¥¤¥È¤Ë¥¢¥¯¥»¥¹¤·¤Æ¤¯¤À¤µ¤¤¡£
³µÍפ³¤ÎÀá¤Ç¤Ï¡¢SPML 2.0 ¤Ë´Ø¤¹¤ë°Ê²¼¤Î°ìÉô¤Î´ðËÜŪ¤Ê³µÇ°¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£
SPML 2.0 ¤È SPML 1.0 ¤ÎÈæ³Ó
Identity Manager ¤Î Web ¥µ¡¼¥Ó¥¹¤Ï¡¢¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥°¥·¥¹¥Æ¥à¤È¤ÎÄÌ¿®¤Î¤¿¤á¤Ë¡¢XML ¤ò»ÈÍѤ·¤¿¥µ¡¼¥Ó¥¹¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥°¤Î¤¿¤á¤Î¥ª¡¼¥×¥ó¤Êɸ½àµ¬³Ê¤Ç¤¢¤ë SPML version 1.0 ¤ª¤è¤Ó version 2.0 ¤ÎξÊý¤Î¥×¥í¥È¥³¥ë¤ò¥µ¥Ý¡¼¥È¤·¤Þ¤¹¡£
Ãí
Identity Manager ¤Ç¤Î SPML version 1.0 ¤Î»ÈÍÑÊýË¡¤Î¾ÜºÙ¤Ï¡¢Âè 4 ¾Ï¡ÖIdentity Manager Web ¥µ¡¼¥Ó¥¹¤Ç¤Î SPML 1.0 ¤Î»ÈÍѡפò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£
SPML 2.0 ¤Ï SPML 1.0 ¤ÈÈæ³Ó¤·¤Æ¡¢¼¡¤ò´Þ¤à¡¢Â¿¤¯¤ÎÅÀ¤¬²þÁ±¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
- SPML 1.0 ¤Ï DSML ¤ò¿¾¯²þÎɤ·¤¿¤â¤Î¤È¹Í¤¨¤é¤ì¤Æ¤¤¤Þ¤·¤¿¤¬¡¢SPML 2.0 ¤Ï¡¢XML Schema ¥×¥í¥Õ¥¡¥¤¥ë¤Ë²Ã¤¨¤Æ DSML ¥×¥í¥Õ¥¡¥¤¥ë¤â¥µ¥Ý¡¼¥È¤¹¤ë³ÈÄ¥²Äǽ¤Ê¥×¥í¥È¥³¥ë¤ò¡¢°ìÏ¢¤Îµ¡Ç½¤òÄ̤¸¤ÆÄêµÁ¤·¤Æ¤¤¤Þ¤¹¡£SPML 2.0 ¤Ï¡¢¥×¥í¥È¥³¥ë¼«ÂΤȡ¢¤½¤Î¥×¥í¥È¥³¥ë¤Ë¤è¤Ã¤ÆÅÁÁ÷¤µ¤ì¤ë¥Ç¡¼¥¿¤ò¶èÊ̤·¤Æ¤¤¤Þ¤¹¡£
- SPML 2.0 ¥×¥í¥È¥³¥ë¤Ç¤Ï¡¢ÆÃ¤Ë 1.0 ¤Ë¸ºß¤¹¤ë¥³¥¢µ¡Ç½¤Ë´Ø¤·¤Æ¡¢¥Ù¥ó¥À¡¼´Ö¤ÎÁê¸ß±¿ÍÑÀ¤Î¸þ¾å¤¬¼Â¸½¤·¤Æ¤¤¤Þ¤¹¡£
- SPML 2.0 ¤Ç¤Ï¡¢¥æ¡¼¥¶¡¼¤¬µ¡Ç½¤ò³ÈÄ¥¤·¡¢¾Íè¿·¤·¤¤µ¡Ç½¤òÄɲäǤ¤ë¤è¤¦¤Ë¤¹¤ëÄɲäε¡Ç½ (ɽ 5-1 ¤ò»²¾È) ¤¬ÍѰդµ¤ì¤Æ¤¤¤Þ¤¹¡£
SPML 2.0 ¤Î³µÇ°¤Î Identity Manager ¤Ø¤Î¥Þ¥Ã¥Ô¥ó¥°
SPML 2.0 ¤Ç¤Ï¡¢¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥°¥·¥¹¥Æ¥à¤Ë¤è¤Ã¤Æ´ÉÍý¤µ¤ì¤ë¥ª¥Ö¥¸¥§¥¯¥È¤òÀâÌÀ¤¹¤ë¤¿¤á¤Ë¡¢ÆÈ¼«¤ÎÍѸ줬»ÈÍѤµ¤ì¤Æ¤¤¤Þ¤¹¡£
Ãí
OpenSPML 2.0 »ÅÍÍ (http://www.openspml.org/) ¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£
¤³¤ÎÀá¤Ç¤Ï¡¢¼¡¤Î SPML 2.0 ¤Î³µÇ°¤¬ Identity Manager ¤Ë¤É¤Î¤è¤¦¤Ë¥Þ¥Ã¥×¤µ¤ì¤ë¤«¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£
¥¿¡¼¥²¥Ã¥È
¥¿¡¼¥²¥Ã¥È¤Ï¡¢¥µ¡¼¥Ð¡¼Æâ¤ÎÏÀÍý½ªÃ¼¤Ç¤¹¡£³Æ¥¿¡¼¥²¥Ã¥È¤Ë¤Ï̾Á°¤¬ÉÕ¤±¤é¤ì¡¢¤½¤Î¥¿¡¼¥²¥Ã¥È¤¬´ÉÍý¤¹¤ë¥ª¥Ö¥¸¥§¥¯¥È (¼¡¤Î¡ÖPSO¡×¤ò»²¾È) ¤Î¥¹¥¡¼¥Þ¤òÀë¸À¤·¤Þ¤¹¡£¥¿¡¼¥²¥Ã¥È¤Ï¥µ¥Ý¡¼¥È¤µ¤ì¤ëµ¡Ç½ (Í×µá¤Î¥»¥Ã¥È) ¤âÀë¸À¤·¤Þ¤¹¡£
¸½»þÅÀ¤Ç¡¢Identity Manager ¤Ç¤Ï 1 ¤Ä¤Î¥¿¡¼¥²¥Ã¥È¤Î¤ß¤¬¥µ¥Ý¡¼¥È¤µ¤ì¤Æ¤ª¤ê¡¢Ê£¿ô¤Î¥¿¡¼¥²¥Ã¥È¤òÀë¸À¤¹¤ë¤³¤È¤Ï¤Ç¤¤Þ¤»¤ó¡£¤³¤Î¥¿¡¼¥²¥Ã¥È¤Ë¤ÏǤ°Õ¤Î̾Á°¤òÉÕ¤±¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¤¬¡¢¥Ç¡¼¥¿¥ª¥Ö¥¸¥§¥¯¥È¤Î·Á¼°¤Ï DSML ¥×¥í¥Õ¥¡¥¤¥ë¤ËŬ¹ç¤·¤Æ¤¤¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
¥µ¥Ý¡¼¥È¤µ¤ì¤ë¥¿¡¼¥²¥Ã¥È¤Ï¡¢spml2.xml ¥Õ¥¡¥¤¥ë (Configuration:SPML2 ¥ª¥Ö¥¸¥§¥¯¥È) ¤ÇÄêµÁ¤µ¤ì¤Æ¤¤¤ë¥¿¡¼¥²¥Ã¥È¤Ç¤¹¡£¤¿¤È¤¨¤Ð¡¢¥³¡¼¥ÉÎã 5-6 ¤Ç¡¢ListTargetResponse ¤Ï 1 ¤Ä¤Î¥¿¡¼¥²¥Ã¥È spml2-DSML-Target ¤òÊÖ¤·¤Þ¤¹¡£
PSO
Á°¤Î¹à¤ÇÀâÌÀ¤·¤¿¤è¤¦¤Ë¡¢¥¿¡¼¥²¥Ã¥È¤Ï PSO ¤ò´ÉÍý¤·¤Þ¤¹¡£PSO (¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥°¥µ¡¼¥Ó¥¹¥ª¥Ö¥¸¥§¥¯¥È) ¤Ï Identity Manager ¤Î¥Ó¥å¡¼¤Ë»÷¤Æ¤¤¤Þ¤¹¤¬¡¢Æ°ºî¤ò»ý¤Ã¤Æ¤¤¤Þ¤»¤ó¡£¤Ä¤Þ¤ê¡¢PSO ¤Ï Identity Manager ¤Î¥Ó¥å¡¼ (ÆÃ¤Ë¥æ¡¼¥¶¡¼¥Ó¥å¡¼) ¤Î¥Ç¡¼¥¿Éôʬ¤È¤·¤Æ¹Í¤¨¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
Ãí
Identity Manager ¤Ï¡¢¥æ¡¼¥¶¡¼¤Î¤ß¤ò´ÉÍý¤·¡¢spml2ObjectClass ¤È¸Æ¤Ð¤ì¤ë¥æ¡¼¥¶¡¼¤Î³Èĥ°À¤ÎÄêµÁ¤òÍ׵ᤷ¤Þ¤¹¡£
Identity Manager ¤ÎÌÜŪ¤È¤·¤Æ¡¢PSO ¤Ï¡¢¥Õ¥©¡¼¥à¤ò²ð¤·¤Æ¥æ¡¼¥¶¡¼¥Ó¥å¡¼¤È¤Î´Ö¤Ç¥Þ¥Ã¥×¤µ¤ì¤ë°À¤Î¥³¥ì¥¯¥·¥ç¥ó¤Ë¤Ê¤ê¤Þ¤¹¡£³Æ¥ª¥Ö¥¸¥§¥¯¥È¤Ï objectclass °À¤ò»ØÄꤷ¤Þ¤¹¡£¤³¤Î°À¤Ï¡¢¥¿¡¼¥²¥Ã¥È¤ËÂФ·¤ÆÄêµÁ¤µ¤ì¤ë¥¹¥¡¼¥ÞÆâ¤Î objectclass ÄêµÁ¤Ë¡¢¥ª¥Ö¥¸¥§¥¯¥È¤ò¥Þ¥Ã¥×¤¹¤ë¤¿¤á¤Ë»ÈÍѤµ¤ì¤Þ¤¹¡£¼¡¤Ë¡¢¤³¤Î°À¤Ï¡¢¼¡¤Î¥Õ¥©¡¼¥à¤ò¸¡º÷¤¹¤ë¤¿¤á¤Ë»ÈÍѤµ¤ì¤Þ¤¹¡£
PSOIdentifier
SPML ¤Ë¤Ï¡¢PsoID ¤È¸Æ¤Ð¤ì¤ë¥ª¥Ö¥¸¥§¥¯¥È ID ¤¬Â¸ºß¤·¤Þ¤¹¡£
OASIS SPML 2.0 »ÅÍͤϡ¢PSOIdentifiers (PsoID) ¤òÍ׵ḵ (¥¯¥é¥¤¥¢¥ó¥È) ¤«¤é±£¤¹¤³¤È¤ò¿ä¾©¤·¤Æ¤¤¤Þ¤¹¡£¤³¤Î¤¿¤á¡¢Identity Manager ¤Ï¡¢¥·¥¹¥Æ¥à¤Ë PSO ¤òÄɲ乤ë¤È¤¤Ë¡¢PsoID ¤È¤·¤Æ¥ê¥Ý¥¸¥È¥ê ID (repoID) ¤ò»ÈÍѤ·¤Þ¤¹¡£
repoID ¤Ï¼±ÊÌÍѤΠID ¤Ç¤¢¤ê¡¢¥æ¡¼¥¶¡¼¤ËÂФ¹¤ëÄ󼨤ÏÁÛÄꤵ¤ì¤Æ¤¤¤Þ¤»¤ó¡£Í׵ḵ¤¬¥æ¡¼¥¶¡¼¤Ë PSO ¤òɽ¼¨¤¹¤ë¤È¤¡¢Í׵ḵ¤Ï¥ª¥Ö¥¸¥§¥¯¥È¤Î ID ¤òÄ󼨤¹¤ëÌÜŪ¤Ç¡¢Æ±Åù¤Î waveset.accountid (¤Þ¤¿¤Ï¡¢Identity ¥Æ¥ó¥×¥ì¡¼¥ÈÆâ¤Ç°À¤¬»ÈÍѤµ¤ì¤Æ¤¤¤ë¤â¤Î) ¤ò»ÈÍѤ¹¤ë¤è¤¦¤Ë¤·¤Þ¤¹¡£
ModifyRequest ¤Ê¤É¤Ç) PSO ¤ò¼±Ê̤¹¤ë¤È¤¡¢Í׵ḵ¤Ï waveset.accountId ¤Ç¤Ï¤Ê¤¯ repoID ¤ò»ÈÍѤ¹¤ë¤è¤¦¤Ë¤·¤Þ¤¹¡£Í׵ḵ¤Ï waveset.accountId ¤ò PSOIdentifier ¤È¤·¤Æ»ÈÍѤ¹¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¤¬¡¢¿ä¾©¤µ¤ì¤Æ¤¤¤Þ¤»¤ó¡£¤³¤Î°À¤Ï¾Íè¤Î¥ê¥ê¡¼¥¹¤ÇÊѹ¹¤µ¤ì¤ë²ÄǽÀ¤¬¤¢¤ê¤Þ¤¹¡£Í׵ḵ¤Ï PsoID ¤ÎÉÔÆ©ÌÀÀ¤ò¡¢¤Ç¤¤ë¤«¤®¤ê°Ý»ý¤¹¤ë¤³¤È¤¬¿ä¾©¤µ¤ì¤Þ¤¹¡£
PSO ¤Ç¤Ï¡¢objectclass °À¤ò»ÈÍѤ·¤Æ¥ª¥Ö¥¸¥§¥¯¥È¥¿¥¤¥×¤ò»ØÄꤷ¤Þ¤¹¡£Identity Manager ¤Ç¤Ï¡¢Í׵᤬¹Ô¤ï¤ì¤¿¤È¤¤Ë¡¢¤³¤Î°À¤¬Â¸ºß¤·¤Ê¤¤¾ì¹ç¡¢SPMLUser ¤Ê¤É¤Î¡Ö¥Ç¥Õ¥©¥ë¥È¡×objectclass ¤ò»ØÄꤷ¡¢»ÈÍѤ¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£ÆâÉôŪ¤Ë¤Ï¡¢objectclass ¤ÎÃͤϥ桼¥¶¡¼ÍÑ¤Ë spml2ObjectClass °À¤È¤·¤Æ°Ý»ý¤µ¤ì¤Þ¤¹¡£Identity Manager ¤Ç¤Ï¡¢¤³¤Î°À¤Ï¥æ¡¼¥¶¡¼³Èĥ°À¤Ç¤¢¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£SPML 2.0 ¤ò͸ú¤Ë¤¹¤ë°ÊÁ°¤«¤é¸ºß¤·¤Æ¤¤¤¿¥æ¡¼¥¶¡¼¤Ë¤Ä¤¤¤Æ¤Ï¡¢spml2ObjectClass °À¤ò¸«¤Ä¤±¤é¤ì¤Ê¤¤²ÄǽÀ¤¬¤¢¤ê¤Þ¤¹¡£
¥ª¡¼¥×¥ó¥³¥ó¥Æ¥ó¥Ä¤È¥ª¥Ú¥ì¡¼¥·¥ç¥Ê¥ë°À
SPML ¤Î .xsd ¥Õ¥¡¥¤¥ë¤Ç¤Ï¡¢»ÅÍͤÎÃæ¤Ç¥ª¡¼¥×¥ó¥³¥ó¥Æ¥ó¥Ä¤È¤·¤ÆÄêµÁ¤µ¤ì¤Æ¤¤¤ëÍ×ÁǤò¼±Ê̤¹¤ë¤¿¤á¤Ë¡¢xsd:any ¤¬ÉÑÈˤ˻ÈÍѤµ¤ì¤Æ¤¤¤Þ¤¹¡£SPML ¤Ç¤Î¥ª¡¼¥×¥ó¥³¥ó¥Æ¥ó¥Ä¤È¤Ï¡¢¤Û¤È¤ó¤É¤ÎÍ×ÁǤ¬Ç¤°Õ¤Î¥¿¥¤¥×¤ÎÍ×ÁǤò´Þ¤à¤³¤È¤¬¤Ç¤¤ë¤È¤¤¤¦°ÕÌ£¤Ç¤¹¡£Identity Manager ¤Ç¤Ï¤³¤Î³µÇ°¤òÍøÍѤ·¤Æ¡¢½èÍý¤òÀ©¸æ¤¹¤ë OperationalNVPs (NameValuePairs) ¤ª¤è¤Ó OperationalAttributes ¤òÄ󶡤·¤Æ¤¤¤Þ¤¹¡£OperationalNVPs ¤Ï XML Æâ¤ÎÍ×ÁǤȤ·¤Æ½Ð¸½¤¹¤ë°ìÊý¤Ç¡¢¥ª¥Ú¥ì¡¼¥·¥ç¥Ê¥ë°À¤Ï°À¤È¤·¤Æ½Ð¸½¤·¤Þ¤¹¡£¾ÜºÙ¤Ï¡¢OpenSPML 2.0 Toolkit (http://www.openspml.org) ¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£
OperationalNVPs ¤ª¤è¤Ó¥ª¥Ú¥ì¡¼¥·¥ç¥Ê¥ë°À¤Ë¤Ä¤¤¤Æ¤Ï¡¢¡Ö¥µ¥Ý¡¼¥È¤µ¤ì¤ë SPML 2.0 ¤Îµ¡Ç½¡×¤ÎÀá¤Ç¾Ü¤·¤¯ÀâÌÀ¤·¤Þ¤¹¡£¤¿¤À¤·¡¢ListTargets ¤ò½ü¤¯¤¹¤Ù¤Æ¤ÎÍ׵ᤪ¤è¤Ó¤¹¤Ù¤Æ¤Î±þÅú¤Ç¡¢»ÈÍѤ¹¤ë NVP ¤Ï 1 ¤Ä¤Ç¤¹¡£Identity Manager ¤Ï¡¢session ¤È¤¤¤¦ OperationalNVP ¤Ë sessionToken ¤ò³ÊǼ¤·¤Þ¤¹¡£¤³¤ì¤Ë¤è¤ê¡¢¥·¥¹¥Æ¥à¤Ï¥æ¡¼¥¶¡¼¤ÎÂå¤ï¤ê¤Ë¼«Æ°Åª¤Ë¥»¥Ã¥·¥ç¥ó¤ò¥¥ã¥Ã¥·¥å¤·¤Æ¡¢½èÍý¸úΨ¤ò²þÁ±¤Ç¤¤Þ¤¹¡£
¥µ¥Ý¡¼¥È¤µ¤ì¤ë SPML 2.0 ¤Îµ¡Ç½
Identity Manager ¤Ï DSML ¥×¥í¥Õ¥¡¥¤¥ë¤ò»ÈÍѤ·¤Æ¡¢SPML 2.0 »ÅÍͤΤ¹¤Ù¤Æ¤Î¥³¥¢µ¡Ç½¤ò¥µ¥Ý¡¼¥È¤·¤Þ¤¹¡£Identity Manager ¤Ï¡¢Batch ¤ä Async ¤Ê¤É¤Î°ìÉô¤Î¥ª¥×¥·¥ç¥óɸ½àµ¡Ç½¤â¥µ¥Ý¡¼¥È¤·¡¢Bulk ¤Ê¤É¤Î°ìÉô¤Îɸ½àµ¡Ç½¤Ë¤Ä¤¤¤Æ¤ÏÉôʬŪ¤Ë¥µ¥Ý¡¼¥È¤·¤Þ¤¹¡£
¤³¤ÎÀá¤Ç¤Ï¡¢Identity Manager ¤Ç¥µ¥Ý¡¼¥È¤µ¤ì¤Æ¤¤¤ë SPML 2.0 ¤Îµ¡Ç½¡¢Identity Manager ¤Ç°Õ¿ÞŪ¤Ë²Ã¤¨¤é¤ì¤¿»ÅÍͤª¤è¤Ó¥×¥í¥Õ¥¡¥¤¥ëʸ½ñ¤È¤ÎÁê°ãÅÀ¡¢¤ª¤è¤Ó¡¢Identity Manager ¤Çɬ¿Ü¤Î¥ª¥Ú¥ì¡¼¥·¥ç¥Ê¥ë°À¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£
¤³¤Î¾ðÊó¤Ï¼¡¤Î³ÆÀá¤Ç¹½À®¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¥³¥¢µ¡Ç½
Identity Manager ¤Ï¡¢¼¡¤Î¥³¥¢µ¡Ç½¤ò¥µ¥Ý¡¼¥È¤·¤Æ¤¤¤Þ¤¹¡£
AddRequest ¤ª¤è¤Ó ListTargetRequest ¤ÎÎã¤ò¼¡¤Ë¼¨¤·¤Þ¤¹¡£
AddRequest ¤ÎÎã
¤³¤³¤Ç¤Ï¡¢AddRequest ¤ÎÎã¤ò¤¤¤¯¤Ä¤«¼¨¤·¤Þ¤¹¡£
¼¡¤ÎÎã¤Ï¡¢Identity Manager ¤Î SessionAwareSpml2Client ¥¯¥é¥¹¤òÄ̤·¤Æ ListTargetsRequest ¤ò¸Æ¤Ó½Ð¤¹ .jsp ¤Ç¤¹¡£
¥³¡¼¥ÉÎã 5-2 ¤Ï¡¢Á÷¿®¤µ¤ì¤ë SPML 2.0 ¤ÎÍ×µá¤ò¼¨¤·¤Þ¤¹¡£
¥³¡¼¥ÉÎã 5-2 Í×µá XML ¤ÎÎã
<addRequest xmlns='urn:oasis:names:tc:SPML:2:0' requestID='rid-spmlv2' executionMode='synchronous'>
<openspml:operationalNameValuePair xmlns:openspml='urn:org:openspml:v2:util:xml' name='session' value='AAALPgAAYD0A...'/>
<data>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='accountId'>
<dsml:value>exampleSpml2Person</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='objectclass'>
<dsml:value>spml2Person</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='credentials'>
<dsml:value>pwdpwd</dsml:value>
</dsml:attr>
</data>
</addRequest>
¥³¡¼¥ÉÎã 5-3 ¤Ï¡¢¥¯¥é¥¤¥¢¥ó¥È¤ËÊÖ¤µ¤ì¤ë SPML Í×µá¤ÎËÜÂΤò¼¨¤·¤Þ¤¹¡£
¥³¡¼¥ÉÎã 5-3 ±þÅú XML ¤ÎÎã
<addResponse xmlns='urn:oasis:names:tc:SPML:2:0' status='success' requestID='rid-spmlv2'>
<openspml:operationalNameValuePair xmlns:openspml='urn:org:openspml:v2:util:xml' name='session' value='AAALPgAAYD0A...'/>
<pso>
<psoID ID='anSpml2Person'/>
<data>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='accountId'>
<dsml:value>anSpml2Person</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='objectclass'>
<dsml:value>spml2Person</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='credentials'>
<dsml:value>pwdpwd</dsml:value>
</dsml:attr>
</data>
</pso>
</addResponse>
ListTargetsRequest ¤ÎÎã
¼¡¤ÎÎã¤Ï¡¢Identity Manager ¤ò²ð¤·¤ÆÍøÍѲÄǽ¤Ê ListsTargetRequest ¤ò¼¨¤·¤Þ¤¹¡£
¥³¡¼¥ÉÎã 5-4 ¤Ï¡¢Identity Manager ¤Î SessionAwareSpml2Client ¥¯¥é¥¹¤òÄ̤·¤Æ ListTargetsRequest ¤ò¸Æ¤Ó½Ð¤¹ .jsp ¤ò¼¨¤·¤Þ¤¹¡£
¥³¡¼¥ÉÎã 5-4 ¥¯¥é¥¤¥¢¥ó¥È¥³¡¼¥É¤ÎÎã
<%@page contentType="text/html"%>
<%@page import="org.openspml.v2.client.*,
com.sun.idm.rpc.spml2.SessionAwareSpml2Client"%>
<%@page import="org.openspml.v2.profiles.dsml.*"%>
<%@page import="org.openspml.v2.profiles.*"%>
<%@page import="org.openspml.v2.util.xml.*"%>
<%@page import="org.openspml.v2.msg.*"%>
<%@page import="org.openspml.v2.msg.spml.*"%>
<%@page import="org.openspml.v2.util.*"%>
<%
final String url = "http://host:port/idm/servlet/openspml2";
%>
<html>
<head><title>SPML2 Test</title></head>
<body>
<%
// ¥¯¥é¥¤¥¢¥ó¥È¤¬É¬Íס£
SessionAwareSpml2Client client = new SessionAwareSpml2Client( url );
// ¥í¥°¥¤¥ó (ListTargetsRequest ¤òÁ÷¿®¤¹¤ë)
Response res = client.login("configurator", "password");
%>
<%= res.toString()%>
</body>
</html>
¥³¡¼¥ÉÎã 5-5 ¤Ï¡¢Á÷¿®¤µ¤ì¤ë SPML Í×µá¤ÎËÜÂΤò¼¨¤·¤Þ¤¹¡£
¥³¡¼¥ÉÎã 5-5 Í×µá XML ¤ÎÎã
<listTargetsRequest xmlns='urn:oasis:names:tc:SPML:2:0' requestID='rid[7013]' executionMode='synchronous'>
<openspml:operationalNameValuePair xmlns:openspml='urn:org:openspml:v2:util:xml' name='accountId' value='configurator'/>
<openspml:operationalNameValuePair xmlns:openspml='urn:org:openspml:v2:util:xml' name='password' value='password'/>
</listTargetsRequest>
¥³¡¼¥ÉÎã 5-6 ¤Ï¡¢¥¯¥é¥¤¥¢¥ó¥È¤¬¼õ¿®¤¹¤ë (¥¯¥é¥¤¥¢¥ó¥È¤ËÊÖ¤µ¤ì¤ë) SPML Í×µá¤ÎËÜÂΤò¼¨¤·¤Þ¤¹¡£
¥³¡¼¥ÉÎã 5-6 ±þÅú XML ¤ÎÎã
<listTargetsResponse xmlns='urn:oasis:names:tc:SPML:2:0' status='success' requestID='rid[6843]'>
<openspml:operationalNameValuePair xmlns:openspml='urn:org:openspml:v2:util:xml'
name='session' value='AAALPgAAYD0A...'/><target targetID='spml2-DSML-Target' profile='urn:oasis:names:tc:SPML:2:0:DSML'>
<¥¹¥¡¼¥Þ>
<spmldsml:schema xmlns:spmldsml='urn:oasis:names:tc:SPML:2:0:DSML'>
<spmldsml:objectClassDefinition name='spml2Person'>
<spmldsml:memberAttributes>
<spmldsml:attributeDefinitionReference required='true' name='objectclass'/>
<spmldsml:attributeDefinitionReference required='true' name='accountId'/>
<spmldsml:attributeDefinitionReference required='true' name='credentials'/>
<spmldsml:attributeDefinitionReference name='firstname'/>
<spmldsml:attributeDefinitionReference name='lastname'/>
<spmldsml:attributeDefinitionReference name='emailAddress'/>
</spmldsml:memberAttributes>
</spmldsml:objectClassDefinition>
<spmldsml:attributeDefinition name='objectclass'/>
<spmldsml:attributeDefinition description='Account Id' name='accountId'/>
<spmldsml:attributeDefinition description='Credentials, e.g. password'
name='credentials'/><spmldsml:attributeDefinition description='First Name' name='firstname'/>
<spmldsml:attributeDefinition description='Last Name' name='lastname'/>
<spmldsml:attributeDefinition description='Email Address' name='emailAddress'/>
</spmldsml:schema>
<supportedSchemaEntity entityName='spml2Person'/>
</schema>
<µ¡Ç‡yen;>
<capability namespaceURI='urn:oasis:names:tc:SPML:2:0:async'/>
<capability namespaceURI='urn:oasis:names:tc:SPML:2:0:batch'/>
<capability namespaceURI='urn:oasis:names:tc:SPML:2:0:bulk'/>
<capability namespaceURI='urn:oasis:names:tc:SPML:2:0:pass'/>
<capability namespaceURI='urn:oasis:names:tc:SPML:2:0:suspend'/>
</capabilities>
</target>
</listTargetsResponse>
Async µ¡Ç½
Identity Manager ¤Ï¡¢É½ 5-3 ¤ÇÀâÌÀ¤·¤¿ Async µ¡Ç½¤ò¥µ¥Ý¡¼¥È¤·¤Þ¤¹¡£
ɽ 5-3 Async µ¡Ç½
µ¡Ç½
ÀâÌÀ
¥ª¥Ú¥ì¡¼¥·¥ç¥Ê¥ë°À
Áê°ãÅÀ
CancelRequest
Í×µá ID ¤ò»ÈÍѤ·¤ÆÍ×µá¤ò¥¥ã¥ó¥»¥ë¤·¤Þ¤¹¡£
¤Ê¤·
StatusRequest
Í×µá ID ¤ò»ÈÍѤ·¤ÆÍ×µá¤Î¥¹¥Æ¡¼¥¿¥¹¤òÊÖ¤·¤Þ¤¹¡£
¤Ê¤·
Batch µ¡Ç½
Identity Manager ¤Ï¡¢É½ 5-4 ¤ÇÀâÌÀ¤·¤¿ Batch µ¡Ç½¤ò¥µ¥Ý¡¼¥È¤·¤Þ¤¹¡£
ɽ 5-4 Batch µ¡Ç½
µ¡Ç½
ÀâÌÀ
¥ª¥Ú¥ì¡¼¥·¥ç¥Ê¥ë°À
Áê°ãÅÀ
BatchRequest
Í×µá¤Î¥Ð¥Ã¥Á¤ò¼Â¹Ô¤·¤Þ¤¹¡£
¤Ê¤·
Bulk µ¡Ç½
Identity Manager ¤Ï¡¢É½ 5-5 ¤ÇÀâÌÀ¤·¤¿ Bulk µ¡Ç½¤ò¥µ¥Ý¡¼¥È¤·¤Þ¤¹¡£
ɽ 5-5 Bulk µ¡Ç½
µ¡Ç½
ÀâÌÀ
¥ª¥Ú¥ì¡¼¥·¥ç¥Ê¥ë°À
Áê°ãÅÀ
BulkDeleteRequest
PSO ¤Î°ì³çºï½ü¤ò¼Â¹Ô¤·¤Þ¤¹¡£
¤Ê¤·
BulkModifyRequest
°ìÃפ¹¤ë PSO ¤Î°ì³çÊѹ¹¤ò¼Â¹Ô¤·¤Þ¤¹¡£
¤Ê¤·
Password µ¡Ç½
Identity Manager ¤Ï¡¢É½ 5-6 ¤ÇÀâÌÀ¤·¤¿ Password µ¡Ç½¤ò¥µ¥Ý¡¼¥È¤·¤Þ¤¹¡£
ɽ 5-6 Password µ¡Ç½
µ¡Ç½
ÀâÌÀ
¥ª¥Ú¥ì¡¼¥·¥ç¥Ê¥ë°À
Áê°ãÅÀ
ExpirePasswordRequest
¥Ñ¥¹¥ï¡¼¥É¤ò¼º¸ú¤µ¤»¤Þ¤¹¡£
¤Ê¤·
- ¥ê¥½¡¼¥¹¤ä¥¿¡¼¥²¥Ã¥È¤Ï»ØÄê¤Ç¤¤Þ¤»¤ó¡£»ØÄꤹ¤ë¤È¡¢Identity Manager ¤Î User ¥ª¥Ö¥¸¥§¥¯¥È¤Î¥Ñ¥¹¥ï¡¼¥É¤¬¼º¸ú¤·¤Þ¤¹¡£¤³¤ì¤¬¸¶°ø¤Ç¤½¤Î¸å¡¢Á´¥æ¡¼¥¶¡¼¤Î¥ê¥½¡¼¥¹¤Î¥Ñ¥¹¥ï¡¼¥É¤¬¼º¸ú¤·¤Þ¤¹¡£
- Identity Manager ¤Ï remainingLogins °À¤ò¥µ¥Ý¡¼¥È¤·¤Þ¤»¤ó¡£
¤³¤Î°À¤ò¥Ç¥Õ¥©¥ë¥È°Ê³°¤ÎÃÍ (1 ¤Þ¤¿¤Ï¤½¤ì°Ê²¼) ¤ËÀßÄꤹ¤ë¤È¡¢OperationNotSupported ¥¨¥é¡¼¤¬È¯À¸¤·¤Þ¤¹¡£ResetPasswordRequest
¤¹¤Ù¤Æ¤Î¥¢¥«¥¦¥ó¥È¤ËÂФ·¤Æ¥Ñ¥¹¥ï¡¼¥É¤ò¥ê¥»¥Ã¥È¤·¡¢¿·¤·¤¤ÃͤòÊÖ¤·¤Þ¤¹¡£
¤Ê¤·
¥Ñ¥¹¥ï¡¼¥É¤Ïϳ±Ì¤òËɤ°É¬Íפ¬¤¢¤ê¤Þ¤¹¡£SSL ¤Þ¤¿¤Ï¤½¤Î¾¤Î¥»¥¥å¥ê¥Æ¥£¡¼Êݸ¤ì¤¿ÅÁÁ÷¼êÃʤò»ÈÍѤ·¤Æ¤¯¤À¤µ¤¤¡£
SetPasswordRequest
¥Ñ¥¹¥ï¡¼¥É¤òÀßÄꤷ¤Þ¤¹¡£
¤Ê¤·
¥Ñ¥¹¥ï¡¼¥É¤Ïϳ±Ì¤òËɤ°É¬Íפ¬¤¢¤ê¤Þ¤¹¡£SSL ¤Þ¤¿¤Ï¤½¤Î¾¤Î¥»¥¥å¥ê¥Æ¥£¡¼Êݸ¤ì¤¿ÅÁÁ÷¼êÃʤò»ÈÍѤ·¤Æ¤¯¤À¤µ¤¤¡£
ValidatePasswordRequest
»ØÄꤵ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É¤¬Í¸ú¤«¤É¤¦¤«¤òȽÃǤ·¤Þ¤¹¡£
¤Ê¤·
¥Ñ¥¹¥ï¡¼¥É¤Ïϳ±Ì¤òËɤ°É¬Íפ¬¤¢¤ê¤Þ¤¹¡£SSL ¤Þ¤¿¤Ï¤½¤Î¾¤Î¥»¥¥å¥ê¥Æ¥£¡¼Êݸ¤ì¤¿ÅÁÁ÷¼êÃʤò»ÈÍѤ·¤Æ¤¯¤À¤µ¤¤¡£
Password µ¡Ç½¤ÎÎã¤ò¼¡¤Ë¼¨¤·¤Þ¤¹¡£
ResetPasswordRequest ¤ÎÎã
¥³¡¼¥ÉÎã 5-7 ¤Ï ResetPasswordRequest ¤ÎÎã¤Ç¤¹¡£
¥³¡¼¥ÉÎã 5-7 ResetPasswordRequest ¤ÎÎã
ResetPasswordRequest rpr = new ResetPasswordRequest();
...
PSOIdentifier psoId = new PSOIdentifier(accountId, null, null);
rpr.setPsoID(psoId);
...
SetPasswordRequest ¤ÎÎã
¥³¡¼¥ÉÎã 5-8 ¤Ï SetPasswordRequest ¤ÎÎã¤Ç¤¹¡£
¥³¡¼¥ÉÎã 5-8 SetPasswordRequest ¤ÎÎã
SetPasswordRequest spr = new SetPasswordRequest();
...
PSOIdentifier psoId = new PSOIdentifier(accountId, null, null);
spr.setPsoID(psoId);
spr.setPassword("newpassword");
spr.setCurrentPassword("oldpassword");
...
ValidatePasswordRequest ¤ÎÎã
¥³¡¼¥ÉÎã 5-9 ¤Ï ValidatePasswordRequest ¤ÎÎã¤Ç¤¹¡£
¥³¡¼¥ÉÎã 5-9 ValidatePasswordRequest ¤ÎÎã
ValidatePasswordRequest vpr = new ValidatePasswordRequest();
...
PSOIdentifier psoId = new PSOIdentifier(accountId, null, null);
vpr.setPsoID(psoId);
vpr.setPassword("apassword");
...
Suspend µ¡Ç½
Identity Manager ¤Ï¡¢É½ 5-7 ¤ÇÀâÌÀ¤·¤¿ Suspend µ¡Ç½¤ò¥µ¥Ý¡¼¥È¤·¤Þ¤¹¡£
ɽ 5-7 Suspend µ¡Ç½
µ¡Ç½
ÀâÌÀ
¥ª¥Ú¥ì¡¼¥·¥ç¥Ê¥ë°À
Áê°ãÅÀ
ResumeRequest
PSO ¥æ¡¼¥¶¡¼¤òºÆ³« (͸ú²½) ¤·¤Þ¤¹¡£
¤Ê¤·
EffectiveDate ¤ò¥µ¥Ý¡¼¥È¤·¤Þ¤»¤ó¡£
EffectiveDate ¤òÀßÄꤹ¤ë¤È¡¢Identity Manager ¤Ï OperationNotSupported ¥¨¥é¡¼¤òÊÖ¤·¤Þ¤¹¡£
SuspendRequest
¥¢¥«¥¦¥ó¥È¤ä PSO ¤òÃæÃÇ (̵¸ú²½) ¤·¤Þ¤¹¡£
¤Ê¤·
EffectiveDate ¤ò¥µ¥Ý¡¼¥È¤·¤Þ¤»¤ó¡£
EffectiveDate ¤òÀßÄꤹ¤ë¤È¡¢Identity Manager ¤Ï OperationNotSupported ¥¨¥é¡¼¤òÊÖ¤·¤Þ¤¹¡£
SPML 2.0 ¤ò»ÈÍѤ¹¤ë¤¿¤á¤Î Identity Manager ¤ÎÀßÄꤳ¤ÎÀá¤Ç¤Ï¡¢SPML 2.0 ¤ò Identity Manager ¤Ç»ÈÍѤ¹¤ë¤¿¤á¤ÎÀßÄêÊýË¡¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£¼¡¤Î¥È¥Ô¥Ã¥¯¤ò°·¤¤¤Þ¤¹¡£
´ÉÍý¤¹¤ë°À¤Î·èÄê
SPML 2.0 ¤ò»ÈÍѤ¹¤ë¤¿¤á¤Ë Identity Manager ¥µ¡¼¥Ð¡¼¤òÀßÄꤹ¤ë¤È¤¡¢ºÇ½é¤Ë¹Ô¤¦¤³¤È¤Ï¡¢¥¿¡¼¥²¥Ã¥È¤òÄ̤¸¤Æ´ÉÍý¤¹¤ë°À¤Î·èÄê¤Ç¤¹¡£
¤³¤Î¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤ò»ÈÍѤ¹¤ë Identity Manager ¥¤¥ó¥¹¥¿¥ó¥¹¤Ç¥æ¡¼¥¶¡¼¤ò´ÉÍý¤¹¤ë¤È¤¤Ë¡¢¥¤¥ó¥¿¥Õ¥§¡¼¥¹¥¯¥é¥¤¥¢¥ó¥È¤¬¤É¤Î°À¥»¥Ã¥È (objectclasses) ¤ò»ÈÍѤ¹¤ë¤«¤ò·èÄꤷ¤Þ¤¹¡£¤³¤Î°À¥»¥Ã¥È¤¬ PSO ¤Ç¤¹¡£¥Õ¥©¡¼¥à¤ò»ÈÍѤ·¤Æ¡¢¤½¤ì¤é¤Î°À¤ò¥æ¡¼¥¶¡¼¥Ó¥å¡¼¤È¤Î´Ö¤Ç¥Þ¥Ã¥×¤¹¤ëÊýË¡¤Ë¤Ä¤¤¤Æ¤âÍý²ò¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
¤³¤ÎÀá¤Ç¤Ï¡¢spml2Person ¤È¤¤¤¦ DSML objectclass ¤ËÂФ·¤Æ¡¢¼¡¤Î°À¤ò´Þ¤à PSO ¤ò»ÈÍѤ¹¤ë¥·¥¹¥Æ¥à¤ÎÀßÄêÊýË¡¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£
¤³¤ì¤é¤Î°À¤ò¥æ¡¼¥¶¡¼¥Ó¥å¡¼¤Ë¥Þ¥Ã¥×¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
¤Þ¤¿¤³¤ÎÀá¤Ç¤Ï¡¢Identity Manager ¤Ç¤Î SPML 2.0 ¥µ¥Ý¡¼¥È¤ò»ÈÍѤ·¤Æ¡¢PSO ¤Î´ÉÍýÊýË¡¤òÀâÌÀ¤¹¤ë¡¢´Êñ¤ÊÎã¤â¼¨¤·¤Þ¤¹¡£
Identity Manager ¤Ï¡¢sample/spml2.xml ¥Õ¥¡¥¤¥ë¤Ç¡¢SPML ÀßÄꥪ¥Ö¥¸¥§¥¯¥È¤Î¥µ¥ó¥×¥ë¤Î¥»¥Ã¥È¤òÄ󶡤·¤Æ¤¤¤Þ¤¹¡£sample/spml2.xml ¥Õ¥¡¥¤¥ë¤Ï¡¢¥ê¥Ý¥¸¥È¥ê¤Î½é´ü²½»þ¤Ë¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¥¤¥ó¥Ý¡¼¥È¤µ¤ì¤Ê¤¤¤Î¤Ç¡¢¼êư¤Ç¥¤¥ó¥Ý¡¼¥È¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï¡¢¤³¤Î¥Õ¥¡¥¤¥ë¤ÎÆâÍÆ¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£
Ãí
¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡¢spml2ObjectClass °À¤Ï User ¥¹¥¡¼¥Þ¤Ë¸ºß¤·¤Þ¤»¤ó¡£¤³¤Î°À¤¬¤Þ¤À͸ú¤Ë¤Ê¤Ã¤Æ¤¤¤Ê¤¤¾ì¹ç¡¢Identity Manager ¤ò SPML 2.0 ¥µ¡¼¥Ð¡¼¤È¤·¤Æµ¡Ç½¤µ¤»¤ë¤Ë¤Ï¡¢¥¹¥¡¼¥Þ¤Ë spml2ObjectClass °À¤ò¼êư¤ÇÄɲ乤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
spml2ObjectClass °À¤Ï Identity Manager ¤ÇÄ󶡤µ¤ì¤ë schema.xml ¤ËÄêµÁ¤µ¤ì¤Æ¤¤¤Þ¤¹¤¬¡¢¤³¤Î°À¤òÀßÄê¤ËÄɲ乤륻¥¯¥·¥ç¥ó¤Ï¥³¥á¥ó¥È¥¢¥¦¥È¤µ¤ì¤Æ¤¤¤Þ¤¹¡£ËÜ²ÔÆ¯ÍѤΥ¹¥¡¼¥Þ¤¬¤½¤Î¸µ¤Î¥¹¥¡¼¥Þ¤«¤é¼èÆÀ¤µ¤ì¤¿¥Õ¥¡¥¤¥ëÆâ¤Ë¤¢¤ë¤³¤È¤òÁ°Äó¤È¤·¤Æ¡¢¤½¤Î¸µ¤Î¥»¥¯¥·¥ç¥ó¤Î¥³¥á¥ó¥È¤ò²ò½ü¤·¡¢¥¹¥¡¼¥Þ¥Õ¥¡¥¤¥ë¤ò¥¤¥ó¥Ý¡¼¥È¤¹¤ë¤«¡¢ºÆ¥¤¥ó¥Ý¡¼¥È¤·¡¢Identity Manager ¤òºÆµ¯Æ°¤·¤Æ SPML 2.0 µ¡Ç½¤ò»ÈÍѲÄǽ¤Ë¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
PSO ¤Î·Á¼°¤ò·èÄꤷ¤¿¤¢¤È¤Ç¡¢¼¡¤ÎÀá¤ÇÀâÌÀ¤¹¤ë¥µ¡¼¥Ó¥¹¤ò͸ú¤Ë¤·¤Þ¤¹¡£¼¡¤ÎÀá¤Ç¤Ï¡¢web.xml ¥Õ¥¡¥¤¥ë¤È¡¢SPML 2.0 ¤ÇÄɲ䵤줿Í×ÁǤˤĤ¤¤ÆÀâÌÀ¤·¤Æ¤¤¤Þ¤¹¡£
SPML2 ÀßÄꥪ¥Ö¥¸¥§¥¯¥È¤ÎÀßÄê
sample/spml2.xml ¥Õ¥¡¥¤¥ë¤Ë¤Ï¡¢SPML 2.0 ¥µ¥Ý¡¼¥È¤Î½é´ü¾õÂÖ¤ÎÀßÄ꤬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£¤³¤Î¥Õ¥¡¥¤¥ë¤Þ¤¿¤Ï¤³¤Î¥Õ¥¡¥¤¥ë¤«¤é¼èÆÀ¤·¤¿¥Õ¥¡¥¤¥ë¤ò¥¤¥ó¥Ý¡¼¥È¤·¤Æ¡¢SPML 2.0 ¤ò¥µ¥Ý¡¼¥È¤¹¤ë¤¿¤á¤Ë Identity Manager ¤ÇɬÍפʥª¥Ö¥¸¥§¥¯¥È¤òÄêµÁ¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
SPML2 ÀßÄ꥿¥¤¥×¥ª¥Ö¥¸¥§¥¯¥È¤ò»ÈÍѤ·¤Æ¡¢SPML 2.0 ¥µ¥Ý¡¼¥È¤Îưºî¤ÎÊѹ¹¤ä¥·¥¹¥Æ¥à¤Î³ÈÄ¥¤ò¹Ô¤¦¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
Ãí
³ÈÄ¥¤Ë´Ø¤¹¤ë¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï¡¢¡Ö¥·¥¹¥Æ¥à¤Î³ÈÄ¥¡×¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£
web.xml ¤ÎÀßÄê
Tomcat ¤Ê¤É¤Î¥µ¡¼¥Ö¥ì¥Ã¥È¥³¥ó¥Æ¥Ê¤ò»ÈÍѤ·¤Æ¤¤¤ë¾ì¹ç¤Ï¡¢web.xml ¤ò»ÈÍѤ·¤Æ¡¢SPML 2.0 Í×µá¤ò½èÍý¤¹¤ë¥µ¡¼¥Ö¥ì¥Ã¥È¤Ç¤¢¤ë openspmlRouter ¥µ¡¼¥Ö¥ì¥Ã¥È¤òÀßÄꤷ¤Þ¤¹¡£
Ãí
web.xml ¤Ë¤Ï¡¢½Ð²Ù»þÅÀ¤Ç¥Ç¥Õ¥©¥ë¥È¤Î¥¤¥ó¥¹¥È¡¼¥ë¤¬ÄêµÁ¤µ¤ì¤Æ¤ª¤ê¡¢¤³¤Î¥³¥ó¥Ý¡¼¥Í¥ó¥È¤ËÂФ¹¤ë¥¢¥¯¥·¥ç¥ó¤ÏɬÍפ¢¤ê¤Þ¤»¤ó¡£
web.xml ¥Õ¥¡¥¤¥ë¤Ë¤Ï¡¢¥ª¥×¥·¥ç¥ó¤Î init-param ¤¬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£¤³¤Î¥Ñ¥é¥á¡¼¥¿¤Ï¡¢SPML 2.0 ¥á¥Ã¥»¡¼¥¸¤Î¥Õ¥í¡¼¤òɽ¼¨¤¹¤ë (Swing ¤Î) ´Æ»ë¥¦¥£¥ó¥É¥¦¤ò³«¤¯¤¿¤á¤Ë»ÈÍѤǤ¤Þ¤¹¡£¤³¤Î¥¦¥£¥ó¥É¥¦¤ò»ÈÍѤ·¤Æ¡¢SPML 2.0 ¥á¥Ã¥»¡¼¥¸¤Î¥Õ¥í¡¼¤ò´Æ»ë¤Ç¤¤Þ¤¹¡£¤³¤ì¤Ï¡¢¥Ç¥Ð¥Ã¥°¤ÎºÝ¤ËÊØÍø¤Ç¤¹¡£
init-param ¤ÎÄɲÃÊýË¡¤ÎÎã¤ò¼¡¤Ë¼¨¤·¤Þ¤¹¡£
<init-param>
<param-name>monitor</param-name>
<param-value>org.openspml.v2.util.SwingRPCRouterMonitor</param-value>
</init-param>
¼¡¤ÎÎã¤Ï¡¢¥³¥á¥ó¥ÈÉÕ¤¤Î¥»¥¯¥·¥ç¥ó¤Ç¡¢¤½¤Î¾¤Î init-params ¤Ë¤Ä¤¤¤Æ¤Î¾ðÊó¤¬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£
¥³¡¼¥ÉÎã 5-10 ¥³¥á¥ó¥ÈÉÕ¤¤ÎÎã
<servlet>
<servlet-name>openspmlRouter</servlet-name>
<display-name>OpenSPML SOAP Router</display-name>
<description>A router of RPC traffic - nominally SPML 2.0 over SOAP</description>
<servlet-class>
org.openspml.v2.transport.RPCRouterServlet
</servlet-class>
<!--
Router ¤Ï¥Ç¥£¥¹¥Ñ¥Ã¥Á¥ã¡¼¤ò»ÈÍѤ·¤Æ SOAP ¥á¥Ã¥»¡¼¥¸¤ò½èÍý¤¹¤ë¡£¤³¤ì¤Ï¡¢¥Ä¡¼¥ë¥¥Ã¥ÈÆâ¤Î
SOAP ¤ËÂбþ¤·¤¿Âбþ¤·¤¿¥Ç¥£¥¹¥Ñ¥Ã¥Á¥ã¡¼¤Ç¤¢¤ë¡£Ì¿Ì¾µ¬Â§¤ò²ð¤·¤¿ÆÈ¼«¤Î¥Ñ¥é¥á¡¼¥¿¤ò»ý¤Ä¡£
¼¡¤ò»²¾È¡£-->
<init-param>
<param-name>dispatchers</param-name>
<param-value>org.openspml.v2.transport.SPMLViaSoapDispatcher</param-value>
</init-param>
<!--
¥È¥ì¡¼¥¹¤ò͸ú¤Ë¤·¡¢¥µ¡¼¥Ö¥ì¥Ã¥È¤¬¾ðÊó¥á¥Ã¥»¡¼¥¸¤ò¥í¥°¤Ë½ñ¤¹þ¤à¤è¤¦¤Ë¤¹¤ë¡£
-->
<init-param>
<param-name>trace</param-name>
<param-value>false</param-value>
</init-param>
<!--
Àè¤ËÄêµÁ¤·¤¿ SpmlViaSOAPDispatcher ¤ÏÀ°Îó²½½èÍý (Marshaller) ¤ò»ÈÍѤ¹¤ë¡£XML ¤ª¤è¤Ó SPML ¤Î
¥ª¥Ö¥¸¥§¥¯¥È´Ö¤Ç°Üư¤ò¹Ô¤¦¤¿¤á¤Î¥Á¥§¡¼¥ó¤¬Â¸ºß¤¹¤ë²ÄǽÀ¤¬¤¢¤ë¡£¤³¤ÎÌÜŪ¤Î¤¿¤á¤Ë¼ÂÁõ¤·¤¿
UberMarshaller ¤ò»ÈÍѤ¹¤ë¡£¤³¤ì¤Ï¼ÂºÝ¤Ë¤Ï¥Ä¡¼¥ë¥¥Ã¥È¤Î¥¯¥é¥¹¤òÊÑ´¹¤·¤¿¤â¤Î¤Ç¤¢¤ë¡£-->
<init-param>
<param-name>SpmlViaSoap.spmlMarshallers</param-name>
<param-value>com.sun.idm.rpc.spml2.UberMarshaller</param-value>
</init-param>
<!--
¤³¤³¤Ç»ÈÍѤ¹¤ë UberMarshaller ¤ÏÆÈ¼«¤Î¥È¥ì¡¼¥¹ÀßÄê¤ò»ý¤Ä¡£
¤³¤Î¥ê¥ê¡¼¥¹¤Ç¤Ï¡¢¤³¤ÎÀßÄê¤Ï¼ÂºÝ¤Ë¤Ï²¿¤â¹Ô¤ï¤Ê¤¤¡£-->
<init-param>
<param-name>SpmlViaSoap.spmlMarshallers.UberMarshaller.trace</param-name>
<param-value>true</param-value>
</init-param>
<!--
ºÇ¸å¤Ë¡¢¥Ç¥£¥¹¥Ñ¥Ã¥Á¥ã¡¼¤Ïµ¡Ç½¤ò¼ÂºÝ¤Ë
¼ÂÁõ¤¹¤ë executor ¤Î¥ê¥¹¥È¤ò»ý¤Ä¡£Í×µá¤ò¼õ¤±¼è¤ë¤È¡¢
SOAP ¥¨¥ó¥Ù¥í¡¼¥×¤ò½üµî¤·¡¢XML ¤«¤éËÜÂΤòÃê½Ð¤·¤Æ OpenSPML Request ¥¯¥é¥¹¤ËÅϤ·¡¢Í×µá¤ò½èÍý¤Ç¤¤ë¤«
¤É¤¦¤«¤ò executor ¤Î¥ê¥¹¥È¤ËÌ䤤¹ç¤ï¤»¤ë¡£¤³¤³¤Ç¤Ï UberExecutor ¤òÄêµÁ¤·¤¿¡£
¤³¤Î executor ¤ÏÍ×µá¤ò¤Û¤«¤Î executor ¤ËºÆ¿¶¤êʬ¤±¤¹¤ë¡£¤Û¤«¤Î executor ¤Ï spml2.xml (Configuration:SPML2) ¤Ç»ØÄꤵ¤ì¤ë¡£-->
<init-param>
<param-name>SpmlViaSoap.spmlExecutors</param-name>
<param-value>com.sun.idm.rpc.spml2.UberExecutor</param-value>
</init-param>
</servlet>
SPML ¥È¥ì¡¼¥¹¤ÎÀßÄê
Identity Manager ¤Î SPML ¥È¥é¥Õ¥£¥Ã¥¯¤ò¥í¥®¥ó¥°¤·¡¢ÌäÂê¤Î¿ÇÃǤËÌòΩ¤Æ¤ë¤³¤È¤¬¤Ç¤¤ë¤è¤¦¤Ë¡¢SPML ¤Ç¤Ï¡¢¥È¥ì¡¼¥¹½ÐÎϤò͸ú¤Ë¤¹¤ë¤¿¤á¤Î¥ª¥×¥·¥ç¥ó¤¬Ä󶡤µ¤ì¤Æ¤¤¤Þ¤¹¡£
SPML ¤Î¥È¥ì¡¼¥¹¤Î¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï¡¢¡ØIdentity Manager Tuning, Troubleshooting, and Error Messages¡Ù¤Î¡ÖTracing and Troubleshooting Identity Manager¡×¤Î¾Ï¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£
¥·¥¹¥Æ¥à¤Î³ÈÄ¥ÀßÄꥪ¥Ö¥¸¥§¥¯¥È¤òÊѹ¹¤¹¤ë¤³¤È¤Ë¤è¤Ã¤Æ¡¢¥¹¥¡¼¥Þ¤ò³ÈÄ¥¤·¤Þ¤¹¡£¥»¥¯¥·¥ç¥ó¤òÊѹ¹¤¹¤ë¤³¤È¤Ë¤è¤ê¡¢Í×µá¤Î executor ¤òÄɲäǤ¤Þ¤¹¡£¥Õ¥©¡¼¥à¤ò»ÈÍѤ·¤Æ¡¢DSML ¤È¥Ó¥å¡¼¤Î´Ö¤Ç¥Þ¥Ã¥Ô¥ó¥°¤ò¹Ô¤¦¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
¾¯¤·Æñ¤·¤¯¤Ê¤ê¤Þ¤¹¤¬¡¢¥Ç¥£¥¹¥Ñ¥Ã¥Á¥ã¡¼¡¢À°Îó²½¥¯¥é¥¹¡¢¤ª¤è¤Ó UberExecutor ¤ò¡¢¥«¥¹¥¿¥Þ¥¤¥º¤·¤¿¤â¤Î¤ÈÃÖ¤´¹¤¨¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¡£
SPML 2.0 ¤Ï¹¤¯³«¤«¤ì¤¿¥×¥é¥°¥¤¥ó²ÄǽÀ¤òÄ󶡤·¤Æ¤ª¤ê¡¢¤³¤ì¤Ï Identity Manager ¤Ç OpenSPML 2.0 Toolkit ¤òÍøÍѤ¹¤ë¤³¤È¤Ë¤è¤Ã¤Æ¼Â¸½¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¼¡¤Î¿Þ¤Ï¡¢OpenSPML 2.0 Toolkit ¤Î¥¢¡¼¥¥Æ¥¯¥Á¥ã¡¼¤ò¼¨¤·¤Æ¤¤¤Þ¤¹¡£
¿Þ 5-1 OpenSPML 2.0 Toolkit ¤Î¥¢¡¼¥¥Æ¥¯¥Á¥ã¡¼
SPML 2.0 ¥¢¥À¥×¥¿¤ÎÎãIdentity Manager ¤Ë¤Ï¡¢¥µ¥ó¥×¥ë¤Î SPML 2.0 ¥ê¥½¡¼¥¹¥¢¥À¥×¥¿¤¬ÍѰդµ¤ì¤Æ¤¤¤Þ¤¹¡£¤³¤Î¥¢¥À¥×¥¿¤ò½ÐȯÅÀ¤È¤·¤Æ»ÈÍѤ·¡¢ÆâÍÆ¤òÊѹ¹¤·¤Æ¡¢Identity Manager ¥¤¥ó¥¹¥È¡¼¥ë¤ä¡¢SPML 2.0 ¥³¥¢Áàºî¤ò¥µ¥Ý¡¼¥È¤¹¤ë¥µ¡¼¥É¥Ñ¡¼¥Æ¥£¡¼¤Î¥ê¥½¡¼¥¹¤ÈÄÌ¿®¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
Ãí
¤³¤Î¥µ¥ó¥×¥ë¥¢¥À¥×¥¿¤Ï¡¢À½ÉÊ CD ¤Þ¤¿¤Ï /REF ¤Ë³ÊǼ¤µ¤ì¤Æ¤¤¤ë¥¤¥ó¥¹¥È¡¼¥ë¥¤¥á¡¼¥¸¤Î Sun Resource Extension Facility Kit ¤Ë¼ýÏ¿¤µ¤ì¤Æ¤¤¤Þ¤¹¡£