[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[upki-fed:00344] Re: Session IP Address check on IdP

Subject: [upki-fed:00344] Re: Session IP Address check on IdP
Date: Wed, 01 Jun 2011 18:33:08 +0900
From: Takeshi NISHIMURA <xxxxxxx@xxxxxxxxx>

$B@>B<$G$9!#(B

$B$J$k$[$I!">pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B$^$H$a$k$H!"MxMQ?M$H=EJ#$7$F$7$^$&$H$$$&@Hhttp://shibboleth.internet2.edu/secadv/secadv_20110113.txt

(2011/05/31 13:25), Kaz IGARASHI wrote:
> $B@>B<@h@8(B
> 
> $B$*@$OC$K$J$C$F$*$j$^$9!%@.>kBg3X8^==Mr$G$9!%(B
> 
>> SP$B$O%G%U%)%k%H$G$OG'>Z$5$l$?%/%i%$%"%s%H(BIP$B%"%I%l%9$rJ]B8$7$F$$$F!"(BIP$B%"%I(B
>> $B%l%9$,JQ$o$k$HIT@5$H$7$F%;%C%7%g%s$rGK4~$7$F$7$^$$$^$9!#(BDHCP$B$G$3$m$3$m(BIP
>> $B%"%I%l%9$,JQ$o$k>l9g$d!"(BFW$B$r7PM3$7$F$$$F3d$jEv$F$i$l$k(BIP$B%"%I%l%9$,$3$m$3$m(B
>> $BJQ$o$k>l9g$K$O!"@5Ev$J%"%/%;%9$,IT@5$J$b$N$H$_$J$5$l$k>l9g$,$"$j$^$9!#(B
> $BK\3X$G$b:#e5-$N$h$&$K(Bcookie$BEpMQ$K$h$kIT@5MxMQ$rKI$0$?$a$N5!G=$J$N$G$9$,!"(B
>> $B$3$N5!G=$rL58z$K$9$k$K$O!"F1$8$/(BSessions$B$K=q$/B0@-$G(BconsistentAddress="false
>> $B$N$h$&$K=q$1$P$h$$$G$9!#(B
>> https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPSessions
> $B$H$j$"$($:(B SP $BC1BN$G$"$l$P$3$l$G2sHr$G$-$?$N$G$9$,!$$=$N8eJL%^%7%s$G2TF/$7(B
> $B$F$$$k(B SP $B$X@\B3$9$k$H:FEY(B IdP $B$NG'>Z2hLL$,I=<($5$l$F$7$^$&$?$a!$(BIdP $BB&$G(B
> IP Address $B%A%'%C%/$r%*%U$K$7!$%;%C%7%g%s%-%c%C%7%e$r0];}$9$k$3$H$G2r>C$G$-(B
> $B$^$7$?!%(B
> 
> 
> $B6qBNE*$K$O!$(B
> src/shibboleth-identityprovider-2.2.1/src/main/webapp/WEB-INF/web.xml $B$G(B
> ensureConsistentClientAddress $B$r(B false $B$K$7$^$9!%(B
> 
> -----------------------------------------------------------------------
> ...
>        <filter>
>           <filter-name>IdPSessionFilter</filter-name>
>           <filter-class>edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter</filter-class>
>           <init-param>
>                   <param-name>ensureConsistentClientAddress</param-name>
>                   <param-value>false</param-value>
>           </init-param>
>       </filter>
> ...
> -----------------------------------------------------------------------
> 
> $B$3$N8e(B idp.war $B$r(B rebuild $B$G(B OK $B$G$9!%(B
> 
> # $BAGD>$K(B idp.war $B$rCV$-49$($F$7$^$&$H%+%9%?%^%$%:$7$F$$$?(B login.jsp $B$,(B
> $B!!>C$($F$7$^$&$N$G!$MW%P%C%/%"%C%W$G$9!%(B
> $B!!(B
> 
> Kaz IGARASHI +++++++++++++++++++++++++++++
> Mail to ------------------ xxx@xxxxxxxxxxx
> URL -------------- http://www.seijo.ac.jp/
> +++++++++++++++++++++++++ MNC, Seijo Univ.

-- 
$B@>B<7r(B
$B9qN)>pJs3X8&5f=j(B TEL:03-4212-2720

References:
- [upki-fed:00331] SP$B$N%?%$%`%"%&%H$K$D$$$F$N
  - From: Takuya Matsuhira
- [upki-fed:00332] Re: SP$B$N%?%$%`%"%&%H$K$D$$$F$N
  - From: Takeshi NISHIMURA
- [upki-fed:00342] Re: Session IP Address check on IdP
  - From: Kaz IGARASHI

Prev by Date: [upki-fed:00343] $B!Z3XG'![?75,;22C(BSP$B!!(BKOD$B!J8&(B$B5f

Next by Date: [upki-fed:00345] Re: $B!Z3XG'![?75,;22C(BSP$B!!(BKOD$B!J(B$B8&5f

Previous by thread: [upki-fed:00342] Re: Session IP Address check on IdP
Next by thread: [upki-fed:00336] $BJ?@.(B23$BG/EY>pJs=hM}5;=Q%;%_%J!<$N(B$B3+:E$K$D$$$F(B
Index(es):
- Date
- Thread