
ã¿ãªããããã«ã¡ã¯ïŒ å€æ°ã®è åšãæè¿å¢å ããŠããããšã¯èª°ã«ãšã£ãŠãç§å¯ã§ã¯ãããŸããã ã»ãã¥ãªãã£ã®ãããã¯ãšäœ¿çšããããªãœãŒã¹ãžã®ã¢ã¯ã»ã¹ã®ä¿è·ã«å€ãã®æ³šæãæãããŠããŸãã ãã®èšäºã§ã¯ãCitrix NetScaler VPX補åãšãã®çµ±åUnified Gatewayãã©ãããã©ãŒã ãåæãããšåæã«ãçŸåšäœ¿çšãããŠããèªèšŒæ¹æ³ãå€èŠçŽ èªèšŒãªã©ã«ã€ããŠèª¬æããŸãã èå³ã®ããæ¹ã¯èªãã§ãã ããã
ã©ãç°å¢ã®æ§æããå§ããŸãããã ãã®å³ã¯ãã«ãŒã¿ãŒããã©ã€ããŒããããã¯ãŒã¯ã®ã»ã°ã¡ã³ããå€éšãããã¯ãŒã¯ãããã³ä»®æ³ãã·ã³ãé 眮ãããé·æ¹åœ¢ã§å²ãŸãããã€ããŒãã€ã¶ãŒã瀺ããŠããŸãã å®éããã¹ãŠã®å®éšå®€äœæ¥ã¯ãç¹ã«ä»®æ³ãã·ã³ã«çŠç¹ãåãããŸãã ãã®ã¹ããŒã ã¯ãå®éšå®€ã®ã¹ã¿ã³ããã©ã®ããã«çµç¹ãããŠããããæœè±¡çã«ç€ºãããã«æ瀺ãããŠããŸãã ã芧ã®ããã«ãã¹ã¿ã³ãã¯ç°ãªã圹å²ãšæ§æãæã€8ã€ã®ç°ãªãä»®æ³ãã·ã³ã§æ§æãããŠããŸãã ãã®èšäºã¯ããã«æ¬ã«ãªããApacheãŸãã¯Exchangeã®æ§ææ¹æ³ã«é¢ããè³æããã£ã±ãã«ãªãããããããã®ãªãã¬ãŒãã£ã³ã°ã·ã¹ãã ãšãã®æ§æã®ã€ã³ã¹ããŒã«æ¹æ³ã«ã€ããŠã¯æ€èšããŸããã äž»ãªçŠç¹ã¯NetScaler Unified Gatewayã®æ§æã«ãããŸããããã®èšäºãæžããŠãããšãã«ãéèŠãªãã€ã³ããä»ã®ä»®æ³ãã·ã³ã«ã€ããŠã³ã¡ã³ãããŸãã ãããŠæåã«é ã«æµ®ãã¶ã®ã¯ãNetScaler Gatewayä»®æ³ãã·ã³ã®å ¥æå ã§ãã Citrixã®å ¬åŒWebãµã€ãããç¡æã§ããŠã³ããŒãã§ããŸãã
å¿ èŠãªã®ã¯ç»é²ããããšã ãã§ãã
ããŒãã«å ã®ä»®æ³ãã·ã³ã®ãã¹ãŠã®IPã¢ãã¬ã¹ãããã«æžãåºããŸãã

ãã¡ã€ã³ã³ã³ãããŒã©ãŒã¯training.labãŸãŒã³ãæ åœããããããã以éã®ãã¹ãŠã®ä»®æ³ãã·ã³ã¯ããã«é¢é£ä»ããããŸãã
ãŸãæåã«ãã¹ãããšã¯ãNetScaler Unified Gatewayãæ§æããããšã§ãã ããã¯ãç¹å®ã®ãŠãŒã¶ãŒã«ç¹å®ã®ã³ã³ãã³ããæäŸããäžçš®ã®çµ±åãã©ãããã©ãŒã ã§ãã ã€ãŸããCitrix Unified GatewayïŒä»¥éUGãšç¥ããŸãïŒã«å¯ŸããŠèªèšŒãè¡ããŠãŒã¶ãŒã¯ãèªåã«å²ãåœãŠãããŠãããªãœãŒã¹ã«ã®ã¿ã¢ã¯ã»ã¹ã§ããŸãã ããã«ãããã»ãã¥ãªãã£ãå€§å¹ ã«åäžããŸãã ãã®ãã©ãããã©ãŒã ã¯Citrix NetScalerå ã§åäœãã11çªç®ä»¥éã®ããŒãžã§ã³ãä»å±ããŠããŸãã ãããæ§æããŸãã Webãã©ãŠã¶ãŒãéããNetScaller VPXïŒãŸãã¯NS_VPX_1ïŒã®ã¢ãã¬ã¹ã«ç§»åããŸãã ããã¯ã¢ãã¬ã¹192.168.10.50ã§ãã

ãã°ã€ã³ãšãã¹ã¯ãŒããå ¥åããããã®ãŠã£ã³ããŠãéããããŒã¿ãå ¥åããŸãã ããã©ã«ãã§ã¯ããŠãŒã¶ãŒåãšãã¹ã¯ãŒãã¯nsrootã§ãã
ããã«ãããNetScalerã®ããŒã ããŒãžãéããŸãã

ããã€ãã®ã¿ãããããŸãã NetScalerã¯ãWEBã€ã³ã¿ãŒãã§ã€ã¹ãšã³ã³ãœãŒã«ã€ã³ã¿ãŒãã§ã€ã¹ã®äž¡æ¹ã䜿çšããŠç®¡çã§ããããšã«æ³šæããŠãã ããã æ§æã¿ããã€ãŸãå©çšå¯èœãªè£œåã®å·Šäžã®ãŠã£ã³ããŠã«èå³ããããŸãã

Unified GatewayãéžæããŸã ã ã¯ãªãã¯ãããšãèšå®ãŠã£ã¶ãŒããéããŸãã

圌ã¯ãå§ããåã«ãUGã®ãããªãã¯IPã¢ãã¬ã¹ãå¿ èŠã ãšèŠåããŠããŸãã å€éšã«å ¬éããããšã¯ãããŸãããã€ãŸããååãªãã©ã€ããŒãIPã¢ãã¬ã¹ãããããšãæå³ããŸãã ããã«ãã«ãŒã蚌ææžãèªèšŒã¢ã«ãŠã³ããããã³ãããã®ãŠãŒã¶ãŒããã°ãªã³ããã¢ããªã±ãŒã·ã§ã³ãå¿ èŠã§ãã ããããã¹ãŠã§ãããããã«èšå®ãããŸãã [ éå§]ãã¯ãªãã¯ããŸãã

UGã®æ©èœã瀺ãå¥ã®ãŠã£ã³ããŠã衚瀺ãããŸãã ç¶è¡ãã¯ãªãã¯ããŸãã
ããã«ãæ§æã¯ãä»®æ³ãµãŒããŒããµãŒããŒèšŒææžãèªèšŒãããŒã¿ã«ããŒããããã³ã¢ããªã±ãŒã·ã§ã³ã®5ã€ã®æ§ææé ã§æ§æãããŸãã
æ§æããããã«æåã«ææ¡ãããã®ã¯ãä»®æ³ãµãŒããŒã§ãã å°ããªäœè«-ããã§ãä»®æ³ãµãŒããŒã¯ãCitrix NetScalerã察話ããç¹å®ã®ãµãŒãã¹ã説æããæ å ±ã®ã»ããã«ãããŸããã ã»ãšãã©ã®å Žåãããã¯ãååããIPã¢ãã¬ã¹ãããã³ããŒãçªå·ã§ãã

ug1ãšããååãä»ããIPã¢ãã¬ã¹192.168.10.90ãèšå®ããŸãã ãããã¯ãŒã¯ãIPv6ã¢ãã¬ã¹ã䜿çšããŠããå Žåããã®æšªã«dawãé 眮ããŠç»é²ã§ããŸãã ããŒã443ã¯ããã©ã«ãã§ç»é²ãããŠããŸãã ç¶è¡ãã¯ãªãã¯ããŸãã

æ¢åã®èšŒææžãµãŒããŒãéžæãã[ ç¶è¡ ]ãã¯ãªãã¯ããŸãã

èªèšŒèšå®ãŠã£ã³ããŠãéããŸãã Active Directory / LDAPããã³æ¢åã®training.lab_polãµãŒããŒãä»ããŠã¡ã€ã³ã®èªèšŒæ¹æ³ãéžæããŸãã ç¶è¡ãã¯ãªãã¯ããŸãã

UGã«é©çšããããŒããéžæããŸãã ããã§ãéžæã¯ä»»æã§ãã X1ãéžæããŸããã ç¶è¡ãã¯ãªãã¯ããŸãã

ãããŠãã¢ããªã±ãŒã·ã§ã³ãã»ããã¢ããããããã®æåŸã®ãŠã£ã³ããŠãéããŸãã çŸæç¹ã§ã¯ãã¢ããªã±ãŒã·ã§ã³ãæ§æããã«[ å®äº ]ãã¯ãªãã¯ããŸãã
ããã§UGãèµ·åãããããå®è¡ã§ããŸãã
ããŒãžããã£ãã·ã¥ããªãããã«ããã©ã€ããŒãWebãã©ãŠã¶ãŠã£ã³ããŠãéããŸãã

ãããŠãã¢ãã¬ã¹192.168.10.90ããã€ã€ã«ããŸãã

Unified Gatewayã®ãã°ãªã³ãŠã£ã³ããŠãéããŸãã ãã¹ã¯ãŒãCitrix123ã§user1ã¢ã«ãŠã³ãã䜿çšããŠããŸãã

[ ã¯ã©ã€ã¢ã³ãã¬ã¹ã¢ã¯ã»ã¹]ãéžæããŸã ã

ãã®ãŠãŒã¶ãŒã®å人ããŒãžã«ã¢ã¯ã»ã¹ããŸããããã«ã¯ããŠãŒã¶ãŒã®ãµã€ããã¢ããªã±ãŒã·ã§ã³ã衚瀺ãããŸãã çŸåšç©ºã§ãã WEBã¢ããªã±ãŒã·ã§ã³ã®è¿œå ã«ç§»ããŸãããã
ä»æ¥ãç¬èªã®ãµãŒãã¹ãšãªãœãŒã¹ãæããªãäŒç€Ÿãæ³åããããšã¯å°é£ã§ãã ããšãã°ãã¡ãŒã«ããã©ãããã©ãŒã ãžã®äžè¬çãªã¢ã¯ã»ã¹ãªã©ã ãããŠããããã®ãªãœãŒã¹ãžã®ã¢ã¯ã»ã¹ã¯ã瀟å ã ãã§ãªã瀟å€ã§ãçµç¹åããå¿ èŠããããŸãã çŸæç¹ã§ã¯ãäŒç€Ÿã®ãªãœãŒã¹ãžã®ãªã¢ãŒãã¢ã¯ã»ã¹ãæŽçããããšã¯é£ãããããŸããã ãã ããå€ãã®å Žåãå¿ èŠã«å¿ããŠä»»æã®ãµãŒãã¹ãžã®ãªã¢ãŒãã¢ã¯ã»ã¹ããã·ã³å šäœïŒä»®æ³ãŸãã¯ç©çïŒãžã®ã¢ã¯ã»ã¹ãèš±å¯ããããããªã¢ãããŒãã䜿çšããŸãã ãã®æ¹æ³ã®æ¬ ç¹ã¯ãããããããŸãã è² è·ããå§ãŸããå®å šã§çµãããŸãã ãŸãããŠãŒã¶ãŒãã¡ãŒã«ããã§ãã¯ããããæçŽã«ãã°ããè¿ä¿¡ãããããå¿ èŠããããšãã«ããã·ã³å šäœã«ã¢ã¯ã»ã¹ããå¿ èŠãããã®ã¯ãªãã§ããã ããã«å ããŠãæ¥ç¶ã確ç«ããå¿ èŠãªã³ã³ãã¥ãŒã¿ãŒã«ãã°ã€ã³ããç®çã®ãªãœãŒã¹ãéããããã«ãã¹ã¯ãŒãã§ãã°ã€ã³ãå ¥åãããšãã圢ã§ãèªèšŒæé ãæ°åå®è¡ããå¿ èŠããããŸãã ããã«ãããè²»ããæéãå€§å¹ ã«å¢å ããã¢ã¯ã»ã¹ããã»ã¹ãè€éã«ãªããŸãã
èªèšŒãç°¡çŽ åããããã«ãSSOã¡ã«ããºã ãçºæãããŸããïŒè±èªã®ã·ã³ã°ã«ãµã€ã³ãªã³ããïŒã ãã®ãã¯ãããžãŒã«ããããŠãŒã¶ãŒã¯å©çšå¯èœãªã¢ããªã±ãŒã·ã§ã³ã䜿çšããåèªèšŒãå¿ èŠãšããã«ã¢ããªã±ãŒã·ã§ã³ãåãæ¿ããããšãã§ããŸãã ã€ãŸããéãããåãªãœãŒã¹ã§ãã¹ã¯ãŒãã䜿çšããŠåããã°ã€ã³ãå ¥åããå¿ èŠã¯ãããŸããã SSOã¯ããŸããŸãªèªèšŒæ¹æ³ã§åäœããŸããããã®èšäºã§ã¯ãã©ãŒã ããŒã¹ãNTLMãLDAPãRADIUSã®äžéšã®ã¿ãæ€èšããŸãã
æã人æ°ã®ãããã®ããå§ããŸãããã ããã¯ãã©ãŒã ããŒã¹èªèšŒã§ãã 圌女ã®ä»äºã«ã€ããŠç°¡åã«ïŒ
- ãŠãŒã¶ãŒãWebãµãŒããŒã«ããŒãžãèŠæ±ããŸãã
- WebãµãŒããŒã¯ããããèªèšŒãããŠããªãæªç¥ã®ãŠãŒã¶ãŒã§ããããšãèªèãããã°ã€ã³ãšãã¹ã¯ãŒããå ¥åããããã®ãã©ãŒã ãå«ãWebããŒãžãè¿ããŸãã
- ãã®ããŒãžãåãåã£ããŠãŒã¶ãŒã¯ãå¿ èŠãªãã©ãŒã ã«èšå ¥ããWebãµãŒããŒã«éãè¿ããŸãã
- ãã®ããŒã¿ãåä¿¡ããWebãµãŒããŒã¯ããã®ãããªãŠãŒã¶ãŒã®ååšã確èªãããã®ã¢ã«ãŠã³ããèªèšŒãããå Žåãæåã«èŠæ±ãããããŒãžããŠãŒã¶ãŒã«éä¿¡ããŸãã
ã»ãšãã©ãã¹ãŠã®ææ°ã®WebãµãŒããŒã¯ããã®ã¿ã€ãã®èªèšŒããµããŒãããŠããŸãã
Apache 1ãšããååã®äºåäœæãããä»®æ³ãã·ã³ã§ãSugarCRMã·ã¹ãã ãå®è¡ãããŠããŸãã ã¿ã¹ã¯ã¹ã±ãžã¥ãŒã©ãåŸæ¥å¡ã®ãªã¹ããé£çµ¡å ã®ãªã¹ããããŸããŸãªãã©ã³ã¶ã¯ã·ã§ã³ã«é¢ããæ å ±ãªã©ãåªããæ©èœãšæ©èœãåããŠããŸãã ãã®è£œåãããã«è©³ãã調ã¹ããå Žåã¯ãæå®ããããªã³ã¯ãã¯ãªãã¯ããŠãã ãã ã ç§ãã¡ã®ã¿ã¹ã¯ã¯ããã®ãµãŒãã¹ãUnified Gatewayã«çµ±åããSSOãæ§æããããšã§ãã

NetScalerãéããUnified Gatewayã«ç§»åããŸãã

UGããã«ãéããŸããããã«ã¯ããªã¢ã«ã¿ã€ã ã®ããã©ãŒãã³ã¹ã瀺ãããŸããŸãªã°ã©ããšãã£ãŒãããããŸãã ug1ãã¯ãªãã¯ããŠããã®èšå®ã«å ¥ããŸãã

以åã«èšå®ããéåžžã«5ã€ã®èšå®ãªãã·ã§ã³ã衚瀺ãããŸãã ã¢ããªã±ãŒã·ã§ã³ãéžæããŸã ã


Web ApplicationãéžæããŸã ã

WEBã¢ããªã±ãŒã·ã§ã³ã®æ§æããŒãžã«ç§»åããŸãã ååãã£ãŒã«ãã«SugarCRMãšèšè¿°ããã¢ããªã±ãŒã·ã§ã³ã¿ã€ããã£ãŒã«ãã«ããããããŠã³ãªã¹ãããã€ã³ãã©ãããã¢ããªã±ãŒã·ã§ã³ãéžæããã Unified Gateway URLãããã®ã¢ããªã±ãŒã·ã§ã³ã«ã¢ã¯ã»ã¹ã§ããããã«ããŸããïŒ ã ã€ãŸããUnified Gateway URLãä»ããŠãã®ã¢ããªã±ãŒã·ã§ã³ã䜿çšå¯èœã«ããŸãã

Dawãèšå®ããããšãSugarCRMã®URLãã©ã¡ãŒã¿ãŒãå ¥åããããã®ãã£ãŒã«ããéããŸãã æåã®ãã£ãŒã«ãã«ãã¢ãã¬ã¹/sugarcrm/index.phpãæžããŸãã ãããã¡ã€ã³ããŒãžã®ã¢ãã¬ã¹ã§ãã 2çªç®ã®ãã£ãŒã«ãã®ãã©ã¡ãŒã¿ãŒã¯èªåçã«å ¥åãããŸãã 次ã«ããã®ãµãŒãã¹ãå®è¡ãããŠãããµãŒããŒãéžæããå¿ èŠããããŸãã ã+ãã®ä»ãããã¿ã³ãã¯ãªãã¯ããŸãã

æ°ããèšå®ãŠã£ã³ããŠãéãåã«ã ãååããã£ãŒã«ãã«ã apache.training.labãšæžããŸã ã ããããããŠã³ãªã¹ãããã HTTPãããã³ã«ãéžæããŸã ã 次ã®ãã£ãŒã«ãã§ã ug1.training.labãæå®ããŸãã SugarCRMãå®è¡ããŠãããµãŒããŒïŒã€ãŸããApache 1ïŒã®IPã¢ãã¬ã¹ãæžãçããã+ããã¯ãªãã¯ããŠãã¢ãã¬ã¹ãäžéšã®ãã£ãŒã«ãã«è¿œå ãããããã«ããŸãã OKãã¯ãªãã¯ããŸãã

æ§æãããèšå®ã確èªã§ããèŠçŽãŠã£ã³ããŠãéããŸãã ããã§ãã[ å®äº ]ãã¯ãªãã¯ããŸãã

Webã¢ããªã±ãŒã·ã§ã³èšå®ãŠã£ã³ããŠã«æ»ããä»®æ³ãµãŒããŒãè¿œå ãããããšã確èªããŸãã ç¶è¡ãã¯ãªãã¯ããŸãã

èšå®ãããWEBã¢ããªã±ãŒã·ã§ã³ãå«ãæçµãŠã£ã³ããŠã衚瀺ãããŸãã

ã¢ããªã±ãŒã·ã§ã³ãUnified Gatewayãªã¹ãã«è¡šç€ºãããŠããããšã確èªããŸãã


[ ç¶è¡ããŠå®äº]ãã¯ãªãã¯ããŸãã ã¢ããªã±ãŒã·ã§ã³ãäœæãããŸããã UGã®ã¢ãã¬ã¹ã«ã¢ã¯ã»ã¹ããŠãå¯çšæ§ã確èªããŸãããã
ã¢ãã¬ã¹192.168.10.90ã«ç§»åããŸãã

åãè³æ Œæ å ±ïŒuser1 / Citrix123ïŒãå ¥åããŸãã

[ ã¯ã©ã€ã¢ã³ãã¬ã¹ã¢ã¯ã»ã¹]ãéžæããŸã ã

ãããŠãEnterprise WEB SitesãŠã£ã³ããŠã«ãç»å ŽããSugarCRMã衚瀺ãããŸãã çŸåšã®æ§æã§ã¯ãSSOããŸã æ§æããŠããªããããã¯ãªãã¯ãããšããã°ã€ã³ãšãã¹ã¯ãŒãã®ãªã¯ãšã¹ããå«ãããŒãžãéããŸãã
ãã©ãŒã ããŒã¹èªèšŒãã©ã®ããã«æ©èœããããç解ããããã«ããã®æ©èœã®ã¡ã«ããºã ãããã«è©³ããèŠãŠã¿ãŸãããã

æ°ããã¿ããéããApache 1 WebãµãŒããŒïŒUnified Gatewayã¢ãã¬ã¹ã§ã¯ãããŸããïŒã«ããSugarCRMããŒãžã«ç§»åããŸãã ã¯ã©ã€ã¢ã³ãããµãŒããŒãšéä¿¡ããæ¹æ³ãç解ããã«ã¯ããã®ãœãŒã¹ã³ãŒãã調ã¹ãå¿ èŠããããŸãã Ctrl + UãæŒããšãããŒãžãœãŒã¹ãã¥ãŒã¢ãŒãã«åãæ¿ããããšãã§ããŸãïŒFirefoxãChromeãããã³IEã§ãåãã§ãïŒã

å€ãã®ããã¹ããå«ãããŒãžãéããŸãã ãŠãŒã¶ãŒã®ãã°ã€ã³ãæ åœãããã©ãŒã ãèŠã€ããå¿ èŠããããŸãã Ctrl + FããŒã®çµã¿åãããæŒããŠæ€çŽ¢ããã«ãéãã ããŠãŒã¶ãŒåããšå ¥åããŸã ã


ãããŠã圌ã¯æ¬åœã«ãã®ãããªç·ãèŠã€ããŠããããç·è²ã§åŒ·èª¿ããããšãããããŸãã 以äžã«ããã¹ã¯ãŒãããšããè¡ããããŸãã ãããã¯ããã°ã€ã³ãšãã¹ã¯ãŒããæ åœãããã©ãŒã ã§ãã å®éããããã®ãã©ãŒã ã¯ãã¢ããªã±ãŒã·ã§ã³ããšã«ç°ãªãæ¹æ³ã§åŒã³åºãããå ŽåããããŸãã
SugarCRMã§ã¯ã ãuser_nameãããã³ãuser_passwordããšåŒã°ããŸã ã

ãã®æ å ±ãèŠããŠãå°ãåŸã§æ»ã£ãŠããŸãã

ãã¹ã¯ãŒãã§ãã°ã€ã³ãã°ã€ã³ããŒãžã«æ»ããäœããå ¥åããåã«ããŠãŒãã£ãªãã£ãLive HTTP headersããéããŸãã
ãã®åŸããŠãŒã¶ãŒåãšãã¹ã¯ãŒãïŒuser1 / Citrix123ïŒãå ¥åã§ããŸãã [ ãã°ã€ã³]ãã¯ãªãã¯ããŠããã©ã€ãHTTPããããŒãã«æ»ããŸãã

ã¢ããªã±ãŒã·ã§ã³ã¯ãHTTPãããã³ã«ããŒãžã§ã³1.1ã䜿çšããŠãPOSTã¡ãã»ãŒãžã§å€ãã®ç°ãªããã©ã¡ãŒã¿ãŒãPOSTã¢ãã¬ã¹/sugarcrm/index.phpã«éä¿¡ããããšãããããŸãã ãã®æ å ±ã¯ããã©ãŒã ããŒã¹ã®SSOãããã¡ã€ã«ãäœæãããšãã«éåžžã«åœ¹ç«ã¡ãŸãã

ãã®è¡ãã³ããŒããŠã¡ã¢åž³ã«ä¿åããŸãã
次ã«ããªã¯ãšã¹ãã®éä¿¡åŸã«ã¢ããªã±ãŒã·ã§ã³ã«è¿ãããå 容ã確èªããå¿ èŠããããŸãã

å¿çã³ãŒã302ã®è¡ãŸã§ã¹ã¯ããŒã«ããŸãã
LocationããããŒãšãã®ãã©ã¡ãŒã¿ãŒã«èå³ããããŸãã ãã®è¡ã¯ãã¯ã©ã€ã¢ã³ããæ£åžžã«èªèšŒãããã¡ã€ã³ããŒãžã«ãªãã€ã¬ã¯ããããããšã瀺ããŠããŸãã ãã®è¡ãã³ããŒããŸãã
次ã«ãNetScalerãæ§æããŸãã

ã¡ã€ã³ããŒãžããã [ã»ãã¥ãªãã£]-> [AAA]-[ã¢ããªã±ãŒã·ã§ã³ãã©ãã£ãã¯]-> [ããªã·ãŒ]-> [ãã©ãã£ãã¯]ã«ç§»åããŸãã [ ãã©ãŒã SSOãããã¡ã€ã« ]ã¿ãã«ç§»åãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

SSOãããã¡ã€ã«èšå®ãŠã£ã³ããŠãéããŸãã
1ïŒãããã¡ã€ã«ã®ååãæžããŸã-sugarcrm_SSOã
2ïŒãã®ãããã¡ã€ã«ãäœæãããURLãç»é²ããŸãã
3ïŒãã°ã€ã³ãå«ããã©ãŒã ã®ååãç»é²ãããŸãã
4ïŒãã¹ã¯ãŒããå«ããã©ãŒã ã®ååãç»é²ãããŸãã
5ïŒãã®ãããã¡ã€ã«ã®åŒãŸãã¯æäœãäœæããŸãã ãããã³ããŒããããã®ã§ãã
6ïŒå¿çãµã€ãºã16192ã«èšå®ããŸããããã¯æ»ããµã€ãºã§ãã
7ïŒæœåºãããããããŠã³ãªã¹ããã[åç]ãéžæããŸãã
8ïŒã¡ãœããã®éä¿¡POSTãéžæããŸãã ã€ãŸããPOSTã¡ãã»ãŒãžãéä¿¡ããŸãã
äœæãã¯ãªãã¯ããŸã ã

次ã«ã[ ãã©ãã£ãã¯ãããã¡ã€ã« ]ã¿ããéãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

1ïŒãããã¡ã€ã«åãèšå®ããŸãã
2ïŒã¿ã€ã ã¢ãŠããèšå®ããŸãïŒãã®å Žåã¯1åïŒã
3ïŒãã®ãããã¡ã€ã«ã®SSOã¡ã«ããºã ããªã³ã«ããŸãã
4ïŒä»¥åã«äœæãããSSOãããã¡ã€ã«ãéžæããŸãã
ãããŠã äœæãã¿ã³ãã¯ãªãã¯ããŸã ã
[ ãã©ãã£ãã¯ããªã·ãŒ ]ã¿ãã«ç§»åãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

ããã§ã¯ããã©ãŒã ã«åºã¥ããSSOãå®è¡ãããæ¡ä»¶ãäœæããŸãã
1ïŒsugarcrm_SSO_polãšããååãä»ããŸãã
2ïŒããããããŠã³ãªã¹ããã以åã«äœæãããããã¡ã€ã«ãéžæããŸãã
3ïŒãã®ããªã·ãŒãæ©èœããåŒãéžæããŸãã HTTP.REQ.URL.PATH_AND_QUERY.EQïŒ " /sugarcrm/index.php ïŒã¢ã¯ã·ã§ã³=ãã°ã€ã³ïŒã¢ãžã¥ãŒã«=ãŠãŒã¶ãŒ"ïŒã ãã®åŒã§ã¯ãLive HTTPããããŒããã³ããŒããã¢ãã¬ã¹ãè¿œå ããŸãã
äœæãã¯ãªãã¯ããŸã ã ããªã·ãŒãäœæããã次ã«ããããé©çšããå¿ èŠããããŸãã

[ ãã©ãã£ãã¯ç®¡ç ] -> [è² è·åæ£]-> [ä»®æ³ãµãŒã㌠]ã¿ãã«ç§»åããäœæ¥äžã®apache.training.labãéžæããŠ[ ç·šé ]ãã¿ã³ãã¯ãªãã¯ããŸãã
䜿ãæ £ããä»®æ³ãµãŒããŒæ§æãŠã£ã³ããŠãéããŸãã å³åŽã®[詳现èšå®]åãå¿ èŠã§ãã

ããªã·ãŒãéžæããŸãã

éãããŠã£ã³ããŠã§ãã+ããã¿ã³ãã¯ãªãã¯ããŸãã

Trafficããªã·ãŒãšãã©ãã£ãã¯ã¿ã€ãRequestãéžæããŸãã ç¶è¡ãã¯ãªãã¯ããŸãã

[ããªã·ãŒã®ãã€ã³ã]ãŠã£ã³ããŠãéããŸããããã§ãããªã·ãŒãéžæããå¿ èŠããããŸãã [ããªã·ãŒã®éžæ]ãéããŸãã

äœæãããsugarcrm_SSO_polãéžæã ã éžæãã¿ã³ãæŒããŸãã


ããªã·ãŒãéžæãããŠãããšç¢ºä¿¡ããŠããŸãã [ ãã€ã³ã]ãã¿ã³ãš[ å®äº]ãã¿ã³ãæŒããŸãã
ããªã·ãŒãé©çšãããŸããã€ãŸããSSOã¡ã«ããºã ãæ©èœããå¿ èŠããããŸãã ã芧ãã ããã

192.168.10.90ãéããŸãïŒã¿ããäœæããŸããïŒã

ããªãã¿ã®ãŠã£ã³ããŠãéããŸãã ããã«ãã¹ãŠåãã¢ã«ãŠã³ããå ¥åããŸãã

[ ã¯ã©ã€ã¢ã³ãã¬ã¹ã¢ã¯ã»ã¹]ãéžæããŸã ã

SugarCRMã·ã§ãŒãã«ãããã¯ãªãã¯ããŸãã

ãããŠããã¹ã¯ãŒãã䜿çšããŠè¿œå ã®ãã°ã€ã³ããã€ãã¹ããèªåçã«SugarCRMã·ã¹ãã ã«å ¥ããŸãã ã芧ã®ãšãããããã¯ãéããŠããã¢ããªã±ãŒã·ã§ã³ããšã«åããŠãŒã¶ãŒåãšãã¹ã¯ãŒããå ¥åãããããã¯ããã«äŸ¿å©ã§ãã
次ã«ç¢ºèªããèªèšŒæ¹æ³ã¯NTLMïŒNT Lan MangerïŒã§ãã ãªãã¬ãŒãã£ã³ã°ã·ã¹ãã çšã«Microsoftãéçºãããããã³ã«ã ææ°ããŒãžã§ã³ã¯NTLMv2ãšåŒã°ããWindows 10ãŸã§äœ¿çšãããŠããŸããèªèšŒæ¹æ³ã¯ãã©ãŒã ããŒã¹ãšã¯å°ãç°ãªããŸãããéåžžã«ç°¡åã§ãã
1ïŒã¯ã©ã€ã¢ã³ãã¯ãµãŒããŒã«èŠæ±ãéä¿¡ãããµãŒããŒããµããŒãããŠããNTLMã®ããŒãžã§ã³ãå ±åããŸãã
2ïŒèŠæ±ãåä¿¡ãããšããµãŒããŒã¯æãå®å šãªãããã³ã«ãéžæããã¯ã©ã€ã¢ã³ãã«å¿çãéä¿¡ããŸãã
3ïŒåçãåãåã£ãã¯ã©ã€ã¢ã³ãã¯ãã©ã®æ¹èšïŒãŸãã¯ãããã³ã«ããŒãžã§ã³ïŒã§ãµãŒããŒãšéä¿¡ããããç解ããèŠæ±ãNEGOTIATE_MESSAGEã«éä¿¡ããŸãã ã€ãŸããè¿æã®èšç«ã
4ïŒãã®ã¡ãã»ãŒãžãåä¿¡ãããµãŒããŒã¯ã CHALLENGE_MESSAGEãéä¿¡ããŸãã ããã¯ã©ã³ãã ãª8ãã€ãã·ãŒã±ã³ã¹ã§ãã
5ïŒã¯ã©ã€ã¢ã³ãã¯ãã®ã·ãŒã±ã³ã¹ãåä¿¡ãããã¹ã¯ãŒãã䜿çšããŠãããæå·åãã AUTHENTICATE_MESSAGEå¿çããµãŒããŒã«éä¿¡ããŸã ã
6ïŒå¿çãåä¿¡ãããµãŒããŒã¯ãåãã·ãŒã±ã³ã¹æå·åæäœãå®è¡ããçµæãæ¯èŒããŸãã ãããã®çµæã«åºã¥ããŠãã¢ã¯ã»ã¹ãèš±å¯ãŸãã¯æåŠããŸãã
NTLMãããã³ã«ã§äœ¿çšãããæåãªWebã¢ããªã±ãŒã·ã§ã³ã®1ã€ã¯ãMicrosoft Sharepointã§ãã ãã®ä»®æ³ãã·ã³ã¯ãã§ã«äœæãããŠããŸãã NetScalerã«è¿œå ããã ãã§ãã

NetScalerã®ã¡ã€ã³ããŒãžã§ã Traffic Management-> Load Balancing-> Serversã«ç§»åãã Addãã¿ã³ãã¯ãªãã¯ããŸãã

ãµãŒããŒåsrv_sharepointãšIPã¢ãã¬ã¹192.168.10.25ïŒä»®æ³ãã·ã³ã¢ãã¬ã¹ïŒãèšè¿°ããŸãã äœæãã¯ãªãã¯ããŸã ã

次ã«ã[ ãµãŒãã¹ ]ã¿ãã«ç§»åãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

ãµãŒãã¹èšå®ãŠã£ã³ããŠãéããŸãã svc_sharepointãšããååãæžããŸãã æ¢åã®ãµãŒã㌠ïŒã€ãŸãã æ¢åã®ãµãŒã㌠ïŒãéžæãã以åã«è¿œå ããsrv_sharepointãéžæããŸãã ã€ãŸãã192.168.10.25ã«ãããµãŒããŒã®ããŒã80ã§å®è¡ãããHTTPãµãŒãã¹ãéžæããŸãã OKãã¯ãªãã¯ããŸãã

次ã®ã¹ãããã¯ãSharepointã®ä»®æ³è² è·åæ£ãµãŒããŒãäœæããããšã§ãã [ ä»®æ³ãµãŒã㌠]ã¿ãã«ç§»åãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

èšå®ãŠã£ã³ããŠãéããŸãã ååãã£ãŒã«ãã«ãsharepoint.training.labãHTTPãããã³ã«ããã³IPã¢ãã¬ã¹192.168.10.110ãæžã蟌ã¿ãŸãã ãã®åŸã[ OK ]ãã¯ãªãã¯ããŸãã

次ã®ãŠã£ã³ããŠã«ã¯ããã©ã³ã·ã³ã°ãèšå®ãããŠããªããšããã¡ãã»ãŒãžã衚瀺ãããŸãã æåã®è¡ãã¯ãªãã¯ããŠããµãŒãã¹èšå®ã«å ¥ããŸãã

ãµãŒãã¹éžæãŠã£ã³ããŠãã¯ãªãã¯ããŸãã

å©çšå¯èœãªãµãŒãã¹ã®ãªã¹ããå«ããŠã£ã³ããŠãéããŸãã svc_sharepointãéžæãã éžæãã¿ã³ãæŒããŸãã

ãã®åŸãåã®ãŠã£ã³ããŠã«æ»ãã ãã€ã³ããã¿ã³ãæŒããŸãã

ãã®åŸã1ã€ã®ä»®æ³ãã©ã³ã·ã³ã°ãµãŒããŒãããããšã瀺ãéç¥ãŠã£ã³ããŠã衚瀺ãããŸãã
ãµãŒãã¹ãæ§æããããã°ã€ã³ãè©Šè¡ããŸãã

ãã©ãŠã¶ãéãããã¡ã€ã³åã«ç§»åããŸãã

èªèšŒãŠã£ã³ããŠãããã«è¡šç€ºãããŸãã ãã¹ã¯ãŒããå ¥åãããšãã¡ã€ã³ããŒãžã衚瀺ãããŸãã 圌ã«çŽæ¥è¡ãããšã«æ³šæããŠãã ããã ãã ããUnified Gatewayãä»ããŠã¢ã¯ã»ã¹ããå¿ èŠããããŸãã
ãããŸã§ãNetScalerã§æ§æããŸããã Unified Gatewayã«è¿œå ããŸãã

UGãéããŸãã

èšå®æžã¿ã®ug1ãéžæããŸãã

ãããŠãã¢ããªã±ãŒã·ã§ã³ãŠã£ã³ããŠã§ãéçã§ãã¿ã³ãã¯ãªãã¯ããŸãïŒç·šéãæå³ããŸãïŒã

ãã®åŸãéçãã+ãã«å€ãããã¯ãªãã¯ããŸãã

WEBã¢ããªã±ãŒã·ã§ã³ãéžæããŸãã

ã¢ããªã±ãŒã·ã§ã³ã«ååãä»ããã¿ã€ããã¯ã©ã€ã¢ã³ãã¬ã¹ã¢ã¯ã»ã¹ãšããŠå®çŸ©ããŸãã

ãã®ãµãŒãã¹ãžã®URLãç»é²ãã[ ç¶è¡ ]ãã¯ãªãã¯ããŸãã

æŠèŠãŠã£ã³ããŠã衚瀺ãããŸãã [ å®äº]ãã¯ãªãã¯ããŸãã


ãã®åŸã以åã«äœæãããSugarCRMã®æšªã®ãªã¹ãã«SharePointã¢ããªã±ãŒã·ã§ã³ã衚瀺ãããŸãã ãŠãŒã¶ãŒã¢ã«ãŠã³ãã§ãã°ã€ã³ããŠãå¯çšæ§ã確èªããŸãããã

UGãéããŸãã

è³æ Œæ å ±ãå ¥åããŸãã

[ ã¯ã©ã€ã¢ã³ãã¬ã¹ã¢ã¯ã»ã¹]ãéžæããŸã ã

ã¢ããªã±ãŒã·ã§ã³ãå®éã«è¡šç€ºãããããšãããããŸãã ã¯ãªãã¯ãããšãããã«èªèšŒãŠã£ã³ããŠã衚瀺ãããŸãã

ããã¯ç§ãã¡ã«ã¯é©ãããNTLMv2ãããã³ã«ã®SSOèšå®ã«æ»ããŸãã

NetScalerã«æ»ããŸãã NetScaler Gateway->ããªã·ãŒ->ã»ãã·ã§ã³ã«ç§»åããŸãã [ ã»ãã·ã§ã³ãããã¡ã€ã« ]ã¿ãã®æšªã«ãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

SSO_NTLM_Sharepointãšããååã®æ°ãããããã¡ã€ã«ãäœæããŸãã

[ ã¯ã©ã€ã¢ã³ããšã¯ã¹ããªãšã³ã¹ ]ã¿ããéžæããŸãã [ ã¯ã©ã€ã¢ã³ãã¬ã¹ã¢ã¯ã»ã¹]ããããããŠã³ãªã¹ããã[ èš±å¯]ãéžæããWebã¢ããªã±ãŒã·ã§ã³ã®SSOãèšå®ããŸãã

[ã»ãã¥ãªãã£]ã¿ãã«ç§»åããèš±å¯ïŒã€ãŸããæå¹åïŒãªã©ã®æ¿èªã®æšæºã¢ã¯ã·ã§ã³ãéžæããŸãã æåŸã«ã[ äœæ ]ãã¿ã³ãã¯ãªãã¯ããŸã ã
次ã«ãã»ãã·ã§ã³ã®ããªã·ãŒãäœæããå¿ èŠããããŸãã

ãããè¡ãã«ã¯ã[ ã»ãã·ã§ã³ããªã·ãŒ ]ã¿ãã«ç§»åãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

ããªã·ãŒã«SSO_NTLM_sharepointãšããååãä»ããŸãã ããããããŠã³ãªã¹ãããã以åã«äœæãããããã¡ã€ã«ãéžæããŸãã ãããŠãåŒns_trueãæžããŸãã
次ã«ãäœæããããªã·ãŒãUnified Gatewayã«ãã€ã³ãããå¿ èŠããããŸãã

NetScaler Gateway- > Virtual Serversã«ç§»åããæ¢åã®UG_VPN_ug1ãç·šéããŸã ã

ã+ããã¯ãªãã¯ããŸãã

Sessionãtype RequestïŒã€ãŸããrequestsïŒãªã©ã®æ°ããããªã·ãŒãå®çŸ©ããŸãã

[ ãã€ã³ãã®è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŠã ã»ãã·ã§ã³ããªã·ãŒ ããã€ã³ãããŸãã

[ ããªã·ãŒãã€ã³ã]ãŠã£ã³ããŠãéããŸãã ããããããŠã³ãªã¹ããã¯ãªãã¯ããŸãã

ãããŠã以åã«äœæããSSO_NTLM_sharepointãéžæããŸãã


ãã®åŸã[ãã€ã³ã]ãã¿ã³ãæŒããŠãã€ã³ããããŠã£ã³ããŠãéããŸãã

ãã®åŸã2ã€ã®ã»ãã·ã§ã³ããªã·ãŒãããããšãããããŸãã
ãŠãŒã¶ãŒãšããŠãã°ã€ã³ããŠã¿ãŸãããã




SharePointã·ã§ãŒãã«ãããã¯ãªãã¯ããŸãã

ãããŠãSharePointã®ããŒãžã«èªåçã«ã¢ã¯ã»ã¹ããŸãã ug1.training.labãã¢ãã¬ã¹ããŒã«æžã蟌ãŸããŠããããšã«æ³šæããŠãã ããã ãããã£ãŠãUnified Gatewayã¯ããã¹ã¯ãŒãã䜿çšããŠãã°ã€ã³ãåèŠæ±ããã«ã¢ããªã±ãŒã·ã§ã³ã«ã¹ãããããŸããã èªèšŒçšã ãããã£ãŠãSSOãNTLMv2ãããã³ã«ã§åäœããããã«æ§æããŸããã
次ã«æ§æãããµãŒãã¹ã¯ãOutlook Web AccessãŸãã¯OWAã§ãã ã¡ãŒã«ãµãŒããŒã«ã¢ã¯ã»ã¹ããããã®æã人æ°ã®ããäŒæ¥Webã¯ã©ã€ã¢ã³ãã®1ã€ã ãããã£ãŠãå¿ ãè¿œå ããŠãã ããã ããã¯ã以åã®ãã®ããå°ãé·ãæ§æãããŠããŸãããéåžžã«åçŽã§ãã
æåã«ãOWAã¢ããªã±ãŒã·ã§ã³ããªã³ã¯ããExchangeãåããä»®æ³ãµãŒããŒãè¿œå ããŸãã

[ãã©ãã£ãã¯ç®¡ç]-> [è² è·åæ£ ] -> [ãµãŒããŒ]ã«ç§»åãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

ãµãŒããŒèšå®ãŠã£ã³ããŠãéããŸãã [åå]ãã£ãŒã«ãã«srv_exchangeãšæžã蟌ã¿ããµãŒããŒã®IPã¢ãã¬ã¹ã以äžã®ããã«æžããŸãïŒ192.168.10.20ã[ äœæ ]ãã¯ãªãã¯ããŸã ã
次ã«ãExchangeãµãŒããŒã®ç¶æ ã«å¿çãããµãŒãã¹ãè¿œå ããå¿ èŠããããŸãã OWAã¢ããªã±ãŒã·ã§ã³ãæ©èœããããã«å¿ èŠã§ãã

[ãã©ãã£ãã¯ç®¡ç]-> [è² è·åæ£ ] -> [ã¢ãã¿ãŒ ]ã«ç§»åãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

èšå®ãŠã£ã³ããŠãéããååãæå®ããŠãããããããŠã³ãªã¹ãããHTTPãããã³ã«ãéžæããŸãã
次ã«ãäžã«ã¹ã¯ããŒã«ããŸã

Secureã®è¿ãã«Dawãé 眮ããŸããã [ äœæ ]ãã¯ãªãã¯ããªãã§ãã ãã ïŒ

æ»ã£ãŠã[ ç¹æ®ãã©ã¡ãŒã¿ ]ã¿ãã«ç§»åããŸãã ããã§ã¯ãHTTPãªã¯ãšã¹ããGET /owa/healthcheck.htmããäœæããŸãã ãããŠã以äžã«ã³ãŒã200ãæ®ããŸããã€ãŸãããã®ããŒãžããªã¯ãšã¹ããããšããçãã¯ã³ãŒã200ïŒã€ãŸãOKïŒã䌎ãã¯ãã§ãã äœæãã¯ãªãã¯ããŸã ã
次ã«ãExchangeãµãŒããŒã®è² è·åæ£ãµãŒãã¹ãäœæããå¿ èŠããããŸãã

[ãã©ãã£ãã¯ç®¡ç]-> [è² è·åæ£ ] -> [ãµãŒãã¹ ]ã«ç§»åãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

ãµãŒãã¹ã®ååãæžããŸãã æ¢åã®ãµãŒããŒïŒ Existing Server ïŒãéžæããããããããŠã³ãªã¹ãããã以åã«è¿œå ããããµãŒããŒãšSSLãããã³ã«ãéžæããŸãã OKãã¯ãªãã¯ããŸãã

[ã¢ãã¿ãŒ]ã¿ãã§ã1ã€ã®ãµãŒãã¹ãæ¢ã«å®è¡ãããŠããããšãããããŸãã ã¯ãªãã¯ããŠãã ããã

tcp-defaultãµãŒãã¹ãæ¢ã«å®è¡ãããŠããããšãããããŸãã [ ãã€ã³ãã£ã³ã°ã®è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŠãå¥ã®ãã¿ã³ãè¿œå ããŸãã

èšå®ãŠã£ã³ããŠãéããŸãã [ ã¢ãã¿ãŒã®éžæ ]ã¿ããã¯ãªãã¯ããŸãã

åã«äœæããowa_monãéžæããã éžæããã¿ã³ãæŒããŸãã

[ ãã€ã³ã ]ãã¿ã³ã§ãã€ã³ãããŸãã

ãµãŒãã¹ãé¢é£ä»ããããŠããããšã確èªãã[ éãã ]ãã¯ãªãã¯ããŸã ã
次ã«ãExchangeãµãŒããŒçšã®ä»®æ³ãã©ã³ã¹ãµãŒããŒãäœæããå¿ èŠããããŸãã

[ãã©ãã£ãã¯ç®¡ç]-> [è² è·åæ£]-> [ä»®æ³ãµãŒããŒ]ã«ç§»åãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

èšå®ãŠã£ã³ããŠãéããŸãã ãµãŒããŒåãç»é²ããããããããŠã³ãªã¹ãããSSLãããã³ã«ãšIPã¢ãã¬ã¹192.168.10.140ãéžæããŸãã OKãã¯ãªãã¯ããŸãã

[ ãµãŒãã¹ãšãµãŒãã¹ã°ã«ââãŒã ]ã¿ãã§ãã©ã®ãµãŒãã¹ã«ããã€ã³ããããŠããªãããšãããããŸãã ãã®è¡ãã¯ãªãã¯ããŸãã

ãµãŒãã¹ãã€ã³ããŠã£ã³ããŠãéããŸãã [ ãµãŒãã¹ã®éžæ]ãã¯ãªãã¯ããŸã ã

svc_exchangeãéžæããŸãã

ãã€ã³ããã¯ãªãã¯ããŸãã

ãããŠç¶è¡ããŸãã
次ã«ãä»®æ³ãµãŒããŒã«SSL蚌ææžãè¿œå ããå¿ èŠããããŸãã

[ 蚌ææž ]ã¿ãã«ç§»åãã[ ãµãŒããŒèšŒææžãªã ]è¡ãã¯ãªãã¯ããŸãã

[ ãµãŒããŒèšŒææžã®éžæ]ãã¯ãªãã¯ããŸã ã

æ¢åã®wildcard.training.labãéžæããŸãã

蚌ææžãéžæãããŠããããšã確èªããã ãã€ã³ãããã¿ã³ãã¯ãªãã¯ããŸãã

蚌ææžãµãŒããŒãè¿œå ãããããšã瀺ããŠã£ã³ããŠã衚瀺ãããŸãã ç¶è¡ãã¯ãªãã¯ããŸãã
次ã«è¡ãããšã¯ãä»®æ³ãµãŒããŒããªã·ãŒãæ§æããããšã§ãã

[ 詳现èšå® ]ã¿ãã§ã[ ããªã·ãŒ ]ãéžæããŸãã

空ã®ãŠã£ã³ããŠãéããŸãã ã+ããã¯ãªãã¯ããŸãã

ããããããŠã³ãªã¹ããã[ã¬ã¹ãã³ããŒ]ïŒã€ãŸããåçïŒãéžæãã[ ç¶è¡ ]ãã¯ãªãã¯ããŸãã

次ã«ããã®ããªã·ãŒããã€ã³ãããŸãã ã+ããã¿ã³ãã¯ãªãã¯ããŠããã®ããªã·ãŒã®ã¢ã¯ã·ã§ã³ãäœæããŸãã

ååãšåŒããHTTP.REQ.URL.STARTSWITHïŒã/ owaãïŒãNOTããšæžããŸãã ã€ãŸããã/ owaãããŒãžããã§ã¯ãªããªã¯ãšã¹ãã®å Žåã¯ã+ãã¿ã³ãæŒããŠæ¬¡ã®ã¢ã¯ã·ã§ã³ãè¿œå ããŸãã

åãååãæžããããããããŠã³ãªã¹ããã[ãªãã€ã¬ã¯ã]ãéžæããŸãïŒãªãã€ã¬ã¯ãïŒã 以äžã¯ã/ owaããšããè¡šçŸã§ãã ã€ãŸãããã®ããªã·ãŒã¯ãªã¯ãšã¹ãããã®ããŒãžã«ãªãã€ã¬ã¯ãããŸãã äœæãã¯ãªãã¯ããŸã ã

ãã®çµæããã¹ãŠã®ããªã·ãŒèšå®ã®ãŠã£ã³ããŠã衚瀺ãããŸãã ã€ãŸããã/ owaãã§å§ãŸã£ãŠããªããã¹ãŠã®ãªã¯ãšã¹ãã¯ããã®ããŒãžã«ãªãã€ã¬ã¯ããããŸãã äœæãã¯ãªãã¯ããŸã ã

ãããŠããã®ããªã·ãŒãã ãã€ã³ãããã¿ã³ã§ãã€ã³ãããŸãã

次ã«ãSSOãæ§æããããã«ä»®æ³AAAãµãŒããŒïŒèªèšŒãæ¿èªãã¢ã«ãŠã³ãã£ã³ã°ïŒãè¿œå ããå¿ èŠããããŸãã
[ã»ãã¥ãªãã£]-> [AAA]-[ã¢ããªã±ãŒã·ã§ã³ãã©ãã£ãã¯]-> [ä»®æ³ãµãŒããŒ]ã«ç§»åãã[ è¿œå ]ãã¿ã³ãã¯ãªãã¯ããŸãã

ååãIPã¢ãã¬ã¹ãããã³èªèšŒãã¡ã€ã³ïŒã€ãŸããTRAININGãã¡ã€ã³ã«å±ããå šå¡ïŒãç»é²ããŸãã OKãã¯ãªãã¯ããŸãã
ããã«ç¶ããŠãåæ§ã®èšŒææžã®ã»ããã¢ãããè¡ãããŸãã






é«åºŠãªããªã·ãŒã¯äœ¿çšããã[ ç¶è¡ ]ãã¯ãªãã¯ããŸãã

åºæ¬èªèšŒããªã·ãŒãèšå®ããŸãã

LDAPãããã³ã«ãéžæãã[ ç¶è¡ ]ãã¯ãªãã¯ããŸãã

次ã«ãããªã·ãŒããã€ã³ãããå¿ èŠããããŸãã [ ããªã·ãŒã®éžæ]ãã¯ãªãã¯ããŸãã

ãããŠãå ã»ã©äœæããtraining.lab_poolãéžæããŸãã

ãã€ã³ããã¯ãªãã¯ããŸãã

ã¡ãã¥ãŒã®å³åŽã«[詳现èšå®]ãŠã£ã³ããŠãããããããã[ ããªã·ãŒ ]ãéžæããŸãã

æ°ããããªã·ãŒãè¿œå ã§ãã空ã®ãŠã£ã³ããŠãéããŸãã ã+ããã¯ãªãã¯ããŸãã

ã»ãã·ã§ã³ã®ããªã·ãŒãéžæããŸãã

å¿ èŠãªããªã·ãŒãäœæããŸãã

ååãèšå®ããåŒãns trueããèšè¿°ããŸãã 次ã«ãã+ããã¯ãªãã¯ããŠããã®ããªã·ãŒã«ã¢ã¯ã·ã§ã³ãè¿œå ããŸãã

èš±å¯ã«ãŒã«ã§ã¯ãèš±å¯ïŒã€ãŸãèš±å¯ïŒã®æ¹æ³ãå®çŸ©ããŸãã SSOãæå¹ã«ãããã¡ã€ã³ãCookieã決å®ããæå¹æ§ãèšå®ããŸãã ãããã®ãã©ã¡ãŒã¿ãã°ããŒãã«ã«å®çŸ©ãã[ äœæ ]ãã¿ã³ã䜿çšããŠäœæããã«ã¯ãã«ã¹ã¿ã dawãã£ãŒã«ãã®å察åŽã«é 眮ããããšãå¿ããªãã§ãã ããã

æåŸã®ãŠã£ã³ããŠã衚瀺ããã[ äœæ ]ãã¯ãªãã¯ããŸã ã

æåã®ãŠã£ã³ããŠã«æ»ãã以åã«äœæããããªã·ãŒãæ·»ä»ãããŠããããšã確èªããŸãã çµæã®ãã€ã³ããã¿ã³ãçµåããŸãã

NetScalerã«æ§æãä¿åããããšãå¿ããªãã§ãã ããã
次ã«ãwebmail.training.labã§èªèšŒãæ§æããŸãã

[ãã©ãã£ãã¯ç®¡ç]-> [è² è·åæ£]-> [ä»®æ³ãµãŒããŒ]ã«ç§»åããŠããµãŒããŒãéžæãã[ ç·šé ]ãã¿ã³ãã¯ãªãã¯ããŠç·šéããŸãã

èªèšŒãéžæããŸãã

[ ãã©ãŒã ããŒã¹èªèšŒ]ãéžæããååãä»®æ³ãµãŒããŒã®çš®é¡ãæå®ããããããããŠã³ãªã¹ãããå ã«è¿œå ãããã®ãéžæããŸãã

ãã§ã«1ã€ã®ããªã·ãŒããããŸãã ãã ããã·ã¹ãã ã«ãã°ã€ã³ããã³ãã°ã¢ãŠãããããã®ããªã·ãŒãè¿œå ããå¿ èŠããããŸãã ã+ããã¯ãªãã¯ããŸãã

éãããŠã£ã³ããŠã§ã[ ãã©ãã£ãã¯]ãéžæããŸãã

ããã§ãããªã·ãŒãäœæããŠãã€ã³ãããå¿ èŠããããŸãã

ããªã·ãŒã«ååãä»ããŠããHTTP.REQ.URL.CONTAINSïŒ "/ owa / auth / logon.aspx"ïŒããšããåŒãèšå®ããŸãã ã+ããæŒããŠãããã¡ã€ã«ãäœæããåŸã

ååãèšå®ããã¿ã€ã ã¢ãŠããååäœã§æ±ºå®ããSSOãæå¹ã«ããŸãã 次ã«ãSSOãæ©èœãããã©ãŒã ã決å®ããå¿ èŠããããŸãã ãã©ãŒã SSOãããã¡ã€ã«ã®å察åŽã®ã+ããã¯ãªãã¯ããŸãã

SSOãã©ãŒã èšå®ãŠã£ã³ããŠãéããŸãã ååãã¢ã¯ã·ã§ã³URLããã°ã€ã³ãã©ãŒã ããã¹ã¯ãŒããåŒããã®ä»ã®å±æ§ãèšå®ããŸãã å®éããããã¯æšæºã®èªèšŒãã©ã¡ãŒã¿ãŒã§ãããOWAã¢ããªã±ãŒã·ã§ã³ãã»ããã¢ããããå Žåãåãã§ããããã詳现ã説æããæå³ã¯ãããŸããã äœæãã¯ãªãã¯ããŸã ã

åã®ãã©ãã£ãã¯ããªã·ãŒãŠã£ã³ããŠã«æ»ãã[ äœæ ]ãã¯ãªãã¯ããŸã ã

ããªã·ãŒãã€ã³ããŠã£ã³ããŠã«å ¥ãã [ããªã·ãŒã®éžæ]ãã£ãŒã«ãã§å®éã«éžæãããŠããããšã確èªããŸãã [ ãã€ã³ã ]ãã¯ãªãã¯ããåŸã
ããã§ããã°ã€ã³ãŸãã¯ãã°ãªã³ã®ããªã·ãŒãäœæããŠãªã³ã¯ããŸããã çµäºãŸãã¯ãã°ãªãããããã«äœæããå¿ èŠããããŸãã

ã+ãã®ä»ãããã¿ã³ãã¯ãªãã¯ããŠãå¥ã®ããªã·ãŒãäœæããŸãã

ãã©ãã£ãã¯ã®ããªã·ãŒãéžæãã[ ç¶è¡ ]ãã¯ãªãã¯ããŸãã

æ°ãããã€ã³ãã£ã³ã°ãè¿œå ããŸãã

åªå 床90ïŒåã®åªå 床ã¯100ïŒãèšå®ããã+ããã¯ãªãã¯ããåã«ãæ°ããããªã·ãŒãè¿œå ããŸãã

ãã©ãã£ãã¯ããªã·ãŒãäœæããããã®ãŠã£ã³ããŠãéããŸããååãèšå®ããåŒãHTTP.REQ.URL.CONTAINSïŒã/ owa / logoff.owaãïŒãèšè¿°ããŸãã ã+ããä»ãããã¿ã³ãã¯ãªãã¯ããŠããããã¡ã€ã«ãäœæããŸãã

ããªã·ãŒã«ååãä»ããã¿ã€ã ã¢ãŠããååäœã§ç€ºããSSOãæå¹ã«ããŠããã°ã¢ãŠãã®éå§ã®åã«Dawãé 眮ããŸãïŒã€ãŸããçµäºãéå§ããŸãïŒãäœæãã¯ãªãã¯ããŸãã

åã®ãŠã£ã³ããŠã«æ»ããŸãããããã¡ã€ã«ãéžæãããŠããããšã確èªãããäœæããã¯ãªãã¯ããŸãã

ããªã·ãŒãã€ã³ããŠã£ã³ããŠã§ãæ£ããããªã·ãŒãéžæããã[ ãã€ã³ã ]ãã¿ã³ã§ãã€ã³ããããŠããããšãããããŸãã

ãŠã£ã³ããŠãéããããªã·ãŒã®ãªã¹ãã衚瀺ãããŸããéãããã¯ãªãã¯ããŸãã

ãããŠå®äºã
æ§æãNetScalerã«ä¿åããŸãã
å¿ èŠãªãã¹ãŠã®èšå®ãšããªã·ãŒãæ§æãããã®ã§ãã¢ããªã±ãŒã·ã§ã³èªäœãUnified Gatewayã«è¿œå ããŸãã

ãŠããã¡ã€ãã²ãŒããŠã§ã€ã«æž¡ããŸãã

ug1ãéžæããŸãã

éçã§ãã¿ã³ãã¯ãªãã¯ããŠãç·šéã¢ãŒãã«ç§»åããŸãã

ãããŠãæ°ããã¢ããªã±ãŒã·ã§ã³ãè¿œå ããŸãã

WEBã¢ããªã±ãŒã·ã§ã³ãéžæããŸãã

ååãèšå®ããŸãããã ãã[ ã¢ããªã±ãŒã·ã§ã³ã®çš®é¡]ãŠã£ã³ããŠã§ã¯ã[ã¯ã©ã€ã¢ã³ãã¬ã¹ã¢ã¯ã»ã¹]ã§ã¯ãªãã[ãã®NetScalerã®äºåæ§ææžã¿ã¢ããªã±ãŒã·ã§ã³] ãéžæããŸãã次ã«ããµãŒãã¹URLãèŠå®ããŸãããããŠãä»®æ³ãµãŒããŒãéžæããŸãã

ãããéžæããåŸç¶ã®ãŠã£ã³ããŠã§[ ç¶è¡ããŠå®äº ]ãã¯ãªãã¯ããŸãã


ã¢ããªã±ãŒã·ã§ã³ãè¿œå ãããŸããã次ã«ãUGã«ãŠãŒã¶ãŒãšããŠãã°ã€ã³ããŠç¢ºèªããŸãã



衚瀺ãããã¢ããªã±ãŒã·ã§ã³ã確èªããŠã¯ãªãã¯ããŸãã

ãŸããè¿œå ã®æ¿èªãŠã£ã³ããŠãªãã§ãã¡ãŒã«ãŸãã¯Outlook Web Appã«ã¢ã¯ã»ã¹ããŸãã
ãããã£ãŠãSSOã¡ã«ããºã ã䜿çšããŠãUnified Gatewayãä»ããäŒæ¥ã¡ãŒã«ãžã®ã¢ã¯ã»ã¹ãèšå®ããŸãããã€ãŸãããŠãŒã¶ãŒåãšãã¹ã¯ãŒããäžåºŠå ¥åããŸãã
ãã ããããã¯å®å šã§ã¯ãªããšäž»åŒµãã人ãããã°ããã¹ã¯ãŒãä»ãã®ãŠãŒã¶ãŒåãååŸãããšããŠãŒã¶ãŒã®ãªãœãŒã¹ã«ã¢ã¯ã»ã¹ã§ããŸãããã®ãããªå Žåãå€èŠçŽ èªèšŒãæäŸãããŸãã 1ã€ã§ã¯ãªããè€æ°ã®ãã¹ã¯ãŒãããã°ã€ã³ã«èŠæ±ãããå Žåã
次ã®äŸã§ã¯ã2èŠçŽ èªèšŒïŒãŸãã¯2èŠçŽ èªèšŒïŒãæ§æããæ¹æ³ãèŠãŠãããŸãã2çªç®ã®æ¹æ³ãšããŠãRADIUSãµãŒããŒãä»ããèªèšŒãéžæããŸãã
RADIUSã¯ãAAAã°ã«ãŒãã«å±ãããããã³ã«ã§ããããã«ããããŠãŒã¶ãŒã®èªèšŒïŒã¢ã«ãŠã³ãã®çæ£æ§ã®æ€èšŒïŒãæ¿èªïŒç¹å®ã®ãªããžã§ã¯ãã«å¯Ÿããæš©éã®ç¢ºèªïŒãå®è¡ãããã¢ã¯ã·ã§ã³ã®è¿œè·¡ïŒã€ãŸãããŠãŒã¶ãŒã®ã¢ã¯ã·ã§ã³ã®ç£æ»ïŒãè¡ãããšãã§ããŸãã
èªèšŒã«ãã£ãšé¢å¿ããããŸãïŒ
1ïŒã¯ã©ã€ã¢ã³ãã¯ãéä¿¡ãããããŒã¿ïŒãã°ã€ã³ãšãã¹ã¯ãŒãïŒãå«ããªã¯ãšã¹ããéä¿¡ããŸãã
2ïŒãã®ããŒã¿ãåä¿¡ãããµãŒããŒã¯ãããŒã¿ãæ€èšŒããå¿çãéä¿¡ããŸãã3ã€ã®å¯èœãªçãããããŸãïŒ
- Accept-Acceptãããã¯ããŠãŒã¶ãŒãæ£åžžã«èªèšŒãããå¿ èŠãªãªãœãŒã¹ã«èš±å¯ãããããšãæå³ããŸãã
- Accept-Reject. , . ( , / ). , , ( ).
- Access-Challenge. , ( ). , . , , .
- Unified Gateway RADIUS-, .

NetScalerã¡ãã¥ãŒãããUnified GatewayãéžæããŸãã

ug1ãéžæããŸãã

èªèšŒããã«ã§ãéçã§ãã¿ã³ãã¯ãªãã¯ããŸãã

以åã«æ§æããããŠã£ã³ããŠãéãã[ ã»ã«ã³ããªèªèšŒæ¹æ³]ããããããŠã³ãªã¹ããã[RADIUS]ãéžæããŸãã

ãããŠãRADIUSãµãŒããŒã®ãã©ã¡ãŒã¿ãŒãå ¥åããŸãããã®IPã¢ãã¬ã¹ãããŒããç§åäœã®ã¿ã€ã ã¢ãŠãïŒéåžžã¯3ç§ã§ååã§ãããäœæ¥ãã£ãã«ãããå ŽåïŒãããã³UGãå ¥åãããšãã«å ¥åããå¿ èŠãããç§å¯ããŒãã©ãäœæ¥ã®äžç°ãšããŠãCitrix456ããŒãéžæããŸããå®éã®ç°å¢ã§ã¯ããã匷åãªããŒãéžæããŠãã ããã [ ç¶è¡ããŠå®äº ]ãã¯ãªãã¯ããåŸã
2çªç®ã®èªèšŒæ¹æ³ãè¿œå ãããŸããã次ã«ããã®åäœã確èªããŸãã

ãŠããã¡ã€ãã²ãŒããŠã§ã€ãéããŸãã

ãããŠããã¹ã¯ãŒããå ¥åããããã®2çªç®ã®ãã£ãŒã«ãã衚瀺ãããŠããããšãããããŸããè³æ Œæ å ±ïŒuser1 / Citrix123 / Citrix456ïŒãå ¥åããããã°ãªã³ããã¯ãªãã¯ããŸãã

䜿ãæ £ãããŠã£ã³ããŠã衚瀺ãããã»ããã¢ãããæåããããšãæå³ããŸãããã®ããã«ããŠãUnified Gatewayã§å€èŠçŽ èªèšŒãèšå®ããã»ãã¥ãªãã£ã匷åããŠããŸãã
ãã®èšäºã§æåŸã«åãäžããã®ã¯ãnFactorèªèšŒã§ãããã®ã¿ã€ãã®èªèšŒã¯ãCitrixã«ãã£ãŠçºæããããã©ãããã©ãŒã ã«çµ±åãããŸãããããã¯éåžžã«æè»ã§ä¿¡é Œã§ããæ¹æ³ã§ãããããã£ãŠãç§ã¯åœŒãç¡èŠããããšã¯ã§ããŸããã
NS ããã«ãnFactorèªèšŒã¯ã°ã©ãã£ã«ã«ç°å¢ã§ã¯æ§æãããŸããããã³ã³ãœãŒã«ã䜿çšããŸãã

Puttyããã°ã©ã ãéããŸãïŒå¥ã®ç«¯æ«ã䜿çšããããšãã§ããŸãïŒãNS_VPX_2ïŒ192.168.10.55ã«ããïŒãšããååã®ããã¯ããŒã¯ã«æ¢ã«ãããŸããéããŸãã
æåã«ããã¹ã¯ãŒããå ¥åããŠãã°ã€ã³ãå ¥åããããã«æ±ããããŸããæšæºã®nsroot / nsrootãå ¥åããŸãã
NetScalerã³ã³ãœãŒã«ã«å ¥ããŸããããã§ãAAAãµãŒããŒãäœæããŠæ§æãããã¡ã€ã³èšŒææžãããã«ãã€ã³ãããå¿ èŠããããŸãã次ã®ã³ãã³ããå ¥åããŸãã
add authentication vserver security.training.lab SSL 192.168.10.125 443 âAuthenticationDomain training.lab
ã€ãŸãã192.168.10.125ãããŒã443ã training.labèªèšŒãã¡ã€ã³ã«ããSSLãä»ããŠãèªèšŒsecurity.training.labä»®æ³ãµãŒããŒãè¿œå ããŸãã
次ã«ããã®ãµãŒããŒã«èšŒææžããã€ã³ãããå¿ èŠããããŸãã 以äžãå ¥åããŠãã ããïŒ
bind ssl vserver security.training.lab âcertKeyName wildcard.training.lab
wildcard.training.lab蚌ææžãsecurity.training.labä»®æ³ãµãŒããŒã«ãã€ã³ãããŸãã
ã³ãã³ãã§èªèšŒããªã·ãŒãè¿œå ããŸãïŒ
add authentication Policy training.lab_ldap ârule true -action ad.training.lab
training.lab_ldapãšããååã®èªèšŒããªã·ãŒãšã ad.training.labãã¡ã€ã³ã³ã³ãããŒã©ãŒãä»ããèªèšŒã¢ã¯ã·ã§ã³ãè¿œå ããŸãã
次ã«å®è¡ããå¿ èŠãããã®ã¯ããã€ã³ãããå¿ èŠãããèªèšŒã¹ããŒã ãšããªã·ãŒãäœæããããšã§ãã 以äžã玹ä»ããŸãã
add authentication loginSchema nfactor1 âauthenticationSchema nfactorauth.xml âuserCredentialIndex 1 âpasswordCredentialIndex 2
ã¹ããŒã ãè¿œå ããèšé²ããXMLãã¡ã€ã«ãæå®ããèšé²ãã©ã¡ãŒã¿ãŒïŒãã°ã€ã³ãšãã¹ã¯ãŒãã®ãã©ãŒã ïŒãæå®ããŸãã
次ã«ãäœæããã¹ããŒã ã«ããªã·ãŒãé¢é£ä»ããŸãã
add authentication loginSchemaPolicy nfactor1 ârule true âaction nfactor1
ãŸããã¹ãããã®ã¹ããŒã ãäœæããŸãã
add authentication loginSchema nfactor2 âauthenticationSchema noschema add authentication policyLabel nfactor_label âloginSchema nfactor2
次ã«ãå€èŠçŽ èªèšŒçšã®LDAPããã³RADIUSãµãŒããŒã®ããªã·ãŒãšèªèšŒãäœæããå¿ èŠããããŸãã RADIUSãµãŒããŒãä»ããŠèªèšŒãè¿œå ããŸãã
add authentication radiusAction radius_act âserverIP 192.168.10.13 âradKey Citrix456
RADIUSãä»ããŠèªèšŒæ¹æ³ã決å®ããIPã¢ãã¬ã¹ãšããŒïŒãŸãã¯ãã¹ã¯ãŒãïŒãèšå®ããŸãã
add authentication policy radius ârule true âaction radius_act
ããªã·ãŒãè¿œå ããäžèšã§äœæããã¡ãœããã«ãã€ã³ãããŸãã
次ã«ãã¹ããŒã ãèªèšŒä»®æ³ãµãŒããŒã«ãã€ã³ãããå¿ èŠããããŸãã 次ã®ã³ãã³ããäœæããŸãã
bind authentication vserver security.training.lab âpolicy nfactor1 âpriority 1 âgotoPriorityExpression END
ã€ãŸãã nfactor1ããªã·ãŒãsecurity.training.labä»®æ³ãµãŒããŒã«ãã€ã³ãããåªå 床ãèšå®ããŸãã
ãããŠãäœæãããèªèšŒããªã·ãŒã®äž¡æ¹ãä»®æ³AAAãµãŒããŒã«ãã€ã³ãããŸãã
bind authentication vserver security.training.lab âpolicy training.lab_ldap âpriority 1 ânextFactor nfactor_label âgotoPriorityExpression next bind authentication policyLabel nfactor_label âpolicyName radius âpriority 2 âgotoPriorityExpression end
ã€ãŸããåªå 床1ã§LDAPãµãŒããŒãä»ããèªèšŒããªã·ãŒãå®è¡ããã次ã«åªå 床2ã§RADIUSãµãŒããŒãä»ããèªèšŒããªã·ãŒãå®è¡ãããŸãã æåŸã®endãã©ã¡ãŒã¿ãŒã¯ãã¢ã¯ã·ã§ã³ãçµäºããããšã瀺ããŸãã ã€ãŸããããã2ã€ã®ããªã·ãŒã¯äžç·ã«æ©èœããã¯ãã§ãã
æåŸã«ãä»®æ³ãµãŒããŒã®èªèšŒãã¢ã¯ãã£ãã«ããŸãã
set lb vserver nfactor.training.lab âauthenticationHost security.training.lab âAuthentication ON
ä»®æ³ãµãŒããŒnfactor.training.labã«å¯Ÿã㊠ãèªèšŒãã¹ãsecurity.training.labãæå®ããèªèšŒãæå¹ã«ããŸãã
èšå®ãä¿åããåŸïŒ
save config
ããã§ã»ããã¢ããã¯å®äºã§ãã äœæ¥ã確èªããŠãã ããã

æå®ããããµãŒããŒãéããŸãã

ãããŠãXMLã¹ããŒãã®ã³ã³ãã³ããšãšãã«ãä»®æ³AAAãµãŒããŒã«ã¹ããŒãããŸãã ã€ãŸãããã°ã€ã³ãå ¥åããããã®ãã©ãŒã ãšãã¹ã¯ãŒããå ¥åããããã®2ã€ã®ãã©ãŒã ããããŸãã

ããŒã¿ãæ£ããå ¥åãããšã次ã®ã¡ãã»ãŒãžãçºè¡ãããŸãã
ãããã£ãŠãLDAPããã³RADIUSãããã³ã«ã䜿çšããŠnFactorãå±éããŸããã ãããŠãä»®æ³AAAãµãŒããŒããŠãŒã¶ãŒãèªèšŒããæ¹æ³ããã¹ãããŸããã
ãŸãšãããšã ãã®èšäºã®ãã¬ãŒã ã¯ãŒã¯ã§ã¯ãCitrix NetScaler補åãå解ããWEBã€ã³ã¿ãŒãã§ã€ã¹ãšã³ã³ãœãŒã«ã€ã³ã¿ãŒãã§ã€ã¹ã䜿çšããŠæ§æããŸããã ãŠããã¡ã€ãã²ãŒããŠã§ã€ãã©ãããã©ãŒã ãäžããã¢ããªã±ãŒã·ã§ã³ãè¿œå ããããªã·ãŒãäœæããããããæ§æãããµãŒãã¹ã«ã¢ã¿ããããæ¹æ³ãåŠã³ãŸããã ããã«ãèªèšŒæ¹æ³ãå€èŠçŽ èªèšŒãšéåžžèªèšŒã®éããèŠã€ããŸããã
ç§ã¯ãã¹ãŠãå¯èœãªéãæ倧éãã€åããããã説æããããšããŸããã ããã«èšå®ãå ããããšã§ãæçšãã€æçšã§ããããšãå€æããããšãé¡ã£ãŠããŸãã ã質åãããå Žåã¯ãã³ã¡ã³ãã§ãæ°è»œã«ãåãåãããã ããã èªãã§ãããŠããããšãããããŠæ¬¡ã®åé¡ã楜ãã¿ã«ããŠããŸãïŒ