9Àå
´ÜÀÏ »çÀÎ ¿Â ±¸¼º
ÀÌ Àå¿¡¼´Â SSO(´ÜÀÏ »çÀÎ ¿Â)¸¦ ±¸¼ºÇÏ´Â ¹æ¹ý¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
SSO(´ÜÀÏ »çÀÎ ¿Â)¿¡¼´Â »ç¿ëÀÚ°¡ ÇÑ ¹ø¸¸ ÀÎÁõÇÏ¸é ´Ù½Ã ÀÎÁõÇÒ ÇÊ¿ä ¾øÀÌ ½Å·ÚÇÒ ¼ö ÀÖ´Â ¿©·¯ ÀÀ¿ë ÇÁ·Î±×·¥À» »ç¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù. Calendar Server¿Í Messaging Server¸¦ ºñ·ÔÇÑ Sun Java System Åë½Å ¼¹ö´Â ´ÙÀ½°ú °°ÀÌ SSO¸¦ ±¸ÇöÇÒ ¼ö ÀÖ½À´Ï´Ù.
Access Manager¸¦ ÅëÇÑ SSO ±¸¼º
Calendar Server¿Í Messaging Server¸¦ Æ÷ÇÔÇÏ´Â Sun Java Enterprise System ¼¹ö¿¡¼´Â Sun Java System Access Manager(¸±¸®½º 6.1(¸±¸®½º 6 2003Q4) ÀÌ»ó)¸¦ »ç¿ëÇÏ¿© SSO¸¦ ±¸ÇöÇÒ ¼ö ÀÖ½À´Ï´Ù.
Access Manager´Â Sun Java Enterprise System ¼¹ö¸¦ À§ÇÑ SSO °ÔÀÌÆ®¿þÀÌ ¿ªÇÒÀ» ÇÕ´Ï´Ù. Áï ¼¹ö¿¡ SSO°¡ Á¦´ë·Î ±¸¼ºµÈ °æ¿ì Access Manager¿¡ ·Î±×ÀÎÇÑ »ç¿ëÀÚ´Â ´Ù¸¥ Sun Java Enterprise System ¼¹ö¿¡ ¾×¼¼½ºÇÒ ¼ö ÀÖ½À´Ï´Ù.
Calendar Server¿¡¼ SSO¸¦ »ç¿ëÇÏ·Á¸é ´ÙÀ½ ´Ü°è¸¦ ¼öÇàÇÕ´Ï´Ù.
- Access Manager¿Í Directory Server°¡ ¼³Ä¡ ¹× ±¸¼ºµÇ¾î ÀÖ´ÂÁö È®ÀÎÇÕ´Ï´Ù. ÀÌ Á¦Ç°µéÀÇ ¼³Ä¡ ¹× ±¸¼º¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ³»¿ëÀº Sun Java Enterprise System 2005Q1 ¼³Ä¡ ¼³¸í¼¸¦ ÂüÁ¶ÇϽʽÿÀ.
- Calendar ServerÀÇ SSO¸¦ ±¸¼ºÇÏ·Á¸é Ç¥ 9-1ÀÇ ¸Å°³ º¯¼ö¸¦ ¼³Á¤ÇÏ°í Calendar Server¸¦ ´Ù½Ã ½ÃÀÛÇØ¾ß ÀÌ °ªµéÀÌ Àû¿ëµË´Ï´Ù. ÇÊ¿äÇÏ´Ù¸é °¢ ¸Å°³ º¯¼ö¸¦ ¼³Á¤ÇÒ ¶§ ÁÖ¼® ¹®ÀÚ(!)¸¦ Á¦°ÅÇÕ´Ï´Ù.
ÁÖ local.calendar.sso.amnamingurl ¸Å°³ º¯¼ö ¼³Á¤ ½Ã Á¤±ÔÈµÈ Access Manager À̸§À» »ç¿ëÇØ¾ß ÇÕ´Ï´Ù.
- Messaging Server¿¡ SSO¸¦ ±¸¼ºÇÏ·Á¸é Sun Java System Messaging Server 6 2005Q1 °ü¸® ¼³¸í¼¸¦ ÂüÁ¶ÇϽʽÿÀ.
- »ç¿ëÀÚ´Â Directory Server LDAP »ç¿ëÀÚ ¾ÆÀ̵ð ¹× ºñ¹Ð¹øÈ£¸¦ »ç¿ëÇÏ¿© Access Manager¿¡ ·Î±×ÀÎÇÕ´Ï´Ù. Calendar Server³ª Messaging Server¿Í °°Àº ´Ù¸¥ ¼¹ö¸¦ ÅëÇØ ·Î±×ÀÎÇÏ´Â »ç¿ëÀÚ´Â SSO¸¦ »ç¿ëÇÏ¿© ´Ù¸¥ Sun Java Enterprise System ¼¹ö¿¡ ¾×¼¼½ºÇÒ ¼ö ¾ø½À´Ï´Ù.
- ·Î±×ÀÎÇÑ »ç¿ëÀÚ´Â ÀûÇÕÇÑ URLÀ» »ç¿ëÇÏ¿© Calendar Express¸¦ ÅëÇØ Calendar Server¿¡ ¾×¼¼½ºÇÒ ¼ö ÀÖ½À´Ï´Ù. ¶ÇÇÑ ¼¹ö¿¡ SSO°¡ Á¦´ë·Î ±¸¼ºµÇ¾ú´Ù¸é Messaging Server¿Í °°Àº ´Ù¸¥ Sun Java Enterprise System ¼¹ö¿¡µµ ¾×¼¼½ºÇÒ ¼ö ÀÖ½À´Ï´Ù.
Ç¥ 9-1 Access Manager¿¡¼ SSO¸¦ »ç¿ëÇϱâ À§ÇÑ Calendar Server ±¸¼º ¸Å°³ º¯¼ö
¸Å°³ º¯¼ö
|
¼³¸í
|
local.calendar.sso.amnamingurl
|
Access Manager SSO À̸§ ÁöÁ¤ ¼ºñ½ºÀÇ URLÀ» ÁöÁ¤ÇÕ´Ï´Ù.
±âº»°ªÀº "http://AccessManager:port/amserver/namingservice"ÀÔ´Ï´Ù.
¿©±â¼ AccessManager´Â Access ManagerÀÇ Á¤±ÔÈµÈ À̸§À̸ç port´Â Access Manager Æ÷Æ® ¹øÈ£ÀÔ´Ï´Ù.
|
local.calendar.sso.amcookiename
|
Access Manager SSO ÄíÅ°ÀÇ À̸§À» ÁöÁ¤ÇÕ´Ï´Ù.
±âº»°ªÀº "iPlanetDirectoryPro"ÀÔ´Ï´Ù.
|
local.calendar.sso.amloglevel
|
Access Manager SSOÀÇ ·Î±× ¼öÁØÀ» ÁöÁ¤ÇÕ´Ï´Ù. ¹üÀ§´Â 1(¹«À½)ºÎÅÍ 5(¼¼ºÎ Á¤º¸ Ç¥½Ã)ÀÔ´Ï´Ù. ±âº»°ªÀº "3"ÀÔ´Ï´Ù.
|
local.calendar.sso.logname
|
Access Manager SSO API ·Î±× ÆÄÀÏÀÇ À̸§À» ÁöÁ¤ÇÕ´Ï´Ù.
±âº»°ªÀº "am_sso.log"ÀÔ´Ï´Ù.
|
local.calendar.sso.singlesignoff
|
Calendar Server¿¡¼ Access Manager·ÎÀÇ SSO(´ÜÀÏ »çÀÎ ¿Â)¸¦ »ç¿ë °¡´É("yes") ¶Ç´Â »ç¿ë ºÒ°¡´É("no")ÇÏ°Ô ÇÕ´Ï´Ù.
»ç¿ë °¡´ÉÇÑ °æ¿ì, Calendar Server¿¡¼ ·Î±×¾Æ¿ôÇÑ »ç¿ëÀÚ´Â Access Manager¿¡¼µµ ·Î±×¾Æ¿ôµÇ¸ç Access Manager¸¦ ÅëÇØ ½ÃÀÛÇß´ø ´Ù¸¥ ¸ðµç ¼¼¼Ç(Messaging Server webmail ¼¼¼Ç µî)µµ Á¾·áÇÕ´Ï´Ù.
Access Manager´Â ÀÎÁõ °ÔÀÌÆ®¿þÀÌÀ̹ǷΠSSO(´ÜÀÏ »çÀÎ ¿Â)´Â Ç×»ó Access Manager¿¡¼ Calendar Server·Î È°¼ºÈµË´Ï´Ù.
±âº»°ªÀº "yes"ÀÔ´Ï´Ù.
|
Access ManagerÀÇ SSO »ç¿ë ½Ã °í·Á »çÇ×
- Access Manager ¼¼¼ÇÀÌ À¯È¿ÇÑ °æ¿ì¿¡¸¸ ´Þ·Â ¼¼¼ÇÀÌ À¯È¿ÇÕ´Ï´Ù. »ç¿ëÀÚ°¡ Access Manager¿¡¼ ·Î±×¾Æ¿ôÇÏ¸é ´Þ·Â ¼¼¼ÇÀº ÀÚµ¿À¸·Î Á¾·áµË´Ï´Ù(´ÜÀÏ »çÀÎ ¿ÀÇÁ).
- SSO ÀÀ¿ë ÇÁ·Î±×·¥Àº µ¿ÀÏÇÑ µµ¸ÞÀο¡ ÀÖ¾î¾ß ÇÕ´Ï´Ù.
- SSO ÀÀ¿ë ÇÁ·Î±×·¥Àº Access Manager ÀÎÁõ URL(À̸§ ÁöÁ¤ ¼ºñ½º)¿¡ ¾×¼¼½ºÇÒ ¼ö ÀÖ¾î¾ß ÇÕ´Ï´Ù.
- ºê¶ó¿ìÀú´Â ÄíÅ°¸¦ Áö¿øÇØ¾ß ÇÕ´Ï´Ù.
- Sun Java System Portal Server °ÔÀÌÆ®¿þÀ̸¦ »ç¿ëÇÏ´Â °æ¿ì ´ÙÀ½ Calendar Server ¸Å°³ º¯¼ö¸¦ ¼³Á¤ÇÕ´Ï´Ù.
- service.http.ipsecurity="no"
- render.xslonclient.enable="no"
Åë½Å ¼¹ö Trusted Circle ±â¼úÀ» ÅëÇÑ SSO ±¸¼º
Communications Servers Trusted Circle ±â¼úÀ» ÅëÇØ(Áï Access Manager¸¦ °ÅÄ¡Áö ¾Ê°í) SSO¸¦ ±¸¼ºÇÒ °æ¿ì ´ÙÀ½ »çÇ×À» °í·ÁÇÕ´Ï´Ù.
- ½Å·ÚÇÒ ¼ö ÀÖ´Â °¢ ÀÀ¿ë ÇÁ·Î±×·¥Àº SSO°¡ ±¸¼ºµÇ¾î¾ß ÇÕ´Ï´Ù.
- default.html ÆäÀÌÁö°¡ ºê¶ó¿ìÀúÀÇ Ä³½Ã¿¡ ÀÖ´Ù¸é SSO´Â Á¦´ë·Î ½ÇÇàµÇÁö ¾Ê½À´Ï´Ù. SSO¸¦ »ç¿ëÇϱâ Àü¿¡ ¹Ýµå½Ã ºê¶ó¿ìÀú¿¡ default.html ÆäÀÌÁö¸¦ ´Ù½Ã ·ÎµåÇÕ´Ï´Ù. ¿¹¸¦ µé¾î, Netscape Navigator¿¡¼´Â Shift Å°¸¦ ´©¸¥ ä·Î Reload¸¦ ´©¸¨´Ï´Ù.
- SSO´Â ±âº» URL¿¡ ´ëÇؼ¸¸ ½ÇÇàµË´Ï´Ù. ¿¹¸¦ µé¾î, http://servername¿¡¼´Â ½ÇÇàµÇÁö¸¸ http://servername/command.shtml?view¿Í °°Àº URL¿¡ ´ëÇؼ´Â ½ÇÇàµÇÁö ¾Ê½À´Ï´Ù.
Ç¥ 9-2¿¡¼´Â Åë½Å ¼¹ö Trusted Circle ±â¼úÀ» »ç¿ëÇÏ´Â SSO¸¦ À§ÇÑ Calendar Server ±¸¼º ¸Å°³ º¯¼ö¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
Ç¥ 9-2 Åë½Å ¼¹ö Trusted Circle ±â¼úÀ» »ç¿ëÇÏ´Â Calendar Server SSO ¸Å°³ º¯¼ö
¸Å°³ º¯¼ö
|
¼³¸í
|
sso.enable = "1"
|
SSO¸¦ »ç¿ë °¡´ÉÇÏ°Ô ÇÏ·Á¸é ÀÌ ¸Å°³ º¯¼ö´Â "1"(±âº»°ª)·Î ¼³Á¤µÇ¾î¾ß ÇÕ´Ï´Ù. "0"À̸é SSO¸¦ »ç¿ëÇÒ ¼ö ¾ø½À´Ï´Ù.
|
sso.appid = "ics50"
|
ÀÌ ¸Å°³ º¯¼ö´Â ƯÁ¤ Calendar Server ¼³Ä¡ÀÇ °íÀ¯ ÀÀ¿ë ÇÁ·Î±×·¥ ¾ÆÀ̵𸦠ÁöÁ¤ÇÕ´Ï´Ù. ¶ÇÇÑ ½Å·ÚÇÒ ¼ö ÀÖ´Â °¢ ÀÀ¿ë ÇÁ·Î±×·¥Àº °íÀ¯ ÀÀ¿ë ÇÁ·Î±×·¥ ¾ÆÀ̵𸦠°¡Á®¾ß ÇÕ´Ï´Ù. ±âº»°ªÀº "ics50"ÀÔ´Ï´Ù.
|
sso.appprefix = "ssogrp1"
|
ÀÌ ¸Å°³ º¯¼ö´Â SSO ÄíÅ° Çü½Ä ÁöÁ¤¿¡ »ç¿ëµÉ Á¢µÎ¾î °ªÀ» ÁöÁ¤ÇÕ´Ï´Ù. ½Å·ÚÇÒ ¼ö ÀÖ´Â ¸ðµç ÀÀ¿ë ÇÁ·Î±×·¥¿¡¼ µ¿ÀÏÇÑ °ªÀ» »ç¿ëÇØ¾ß ÇÕ´Ï´Ù. Calendar Server´Â ÀÌ Á¢µÎ¾î¸¦ °®´Â SSO ÄíÅ°¸¸ ÀνÄÇϱ⠶§¹®ÀÔ´Ï´Ù. ±âº»°ªÀº "ssogrp1"ÀÔ´Ï´Ù.
|
sso.cookiedomain = ".sesta.com"
|
ÀÌ ¸Å°³ º¯¼ö´Â ºê¶ó¿ìÀú°¡ ƯÁ¤ µµ¸ÞÀÎÀÇ ¼¹ö·Î¸¸ ÄíÅ°¸¦ º¸³»°Ô ÇÕ´Ï´Ù. ÀÌ °ªÀº ¹Ýµå½Ã ¸¶Ä§Ç¥(.)·Î ½ÃÀÛÇØ¾ß ÇÕ´Ï´Ù.
|
sso.singlesignoff = "true"
|
°ªÀÌ "true"(±âº»°ª)À̸é Ŭ¶óÀ̾ðÆ®°¡ ·Î±×¾Æ¿ôÇÒ ¶§ ÇØ´ç Ŭ¶óÀ̾ðÆ® Áß sso.appprefix¿¡¼ ±¸¼ºÇÑ °ª°ú ÀÏÄ¡ÇÏ´Â Á¢µÎ¾î °ªÀ» °¡Áø ¸ðµç SSO ÄíÅ°¸¦ Áö¿ó´Ï´Ù.
|
sso.userdomain = "sesta.com"
|
ÀÌ ¸Å°³ º¯¼ö´Â »ç¿ëÀÚ SSO ÀÎÁõÀÇ ÀϺηΠµµ¸ÞÀÎÀ» ¼³Á¤ÇÕ´Ï´Ù.
|
sso.appid.url = "verifyurl"
¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
sso.ics50.url = "http://sesta.com:8883/VerifySSO?"
sso.msg50.url = "http://sesta.com:8882/VerifySSO?"
|
ÀÌ ¸Å°³ º¯¼ö´Â Calendar Server ±¸¼º¿¡¼ ÇǾî SSO È£½ºÆ®¿¡ ´ëÇÑ È®ÀÎ URL °ªÀ» ¼³Á¤ÇÕ´Ï´Ù. ½Å·ÚÇÒ ¼ö ÀÖ´Â °¢°¢ÀÇ ÇǾî SSO È£½ºÆ®¿¡ ´ëÇØ ÇϳªÀÇ ¸Å°³ º¯¼ö°¡ ÇÊ¿äÇÕ´Ï´Ù. ÀÌ ¸Å°³ º¯¼ö´Â ´ÙÀ½À» Æ÷ÇÔÇÕ´Ï´Ù.
- ÀÀ¿ë ÇÁ·Î±×·¥ ¾ÆÀ̵ð(appid)´Â SSO ÄíÅ°°¡ ¹Þ¾Æµé¿©Áö´Â °¢°¢ÀÇ ÇǾî SSO È£½ºÆ®¸¦ ½Äº°ÇÕ´Ï´Ù.
- URL È®ÀÎ("verifyurl")¿¡´Â È£½ºÆ® URL, È£½ºÆ® Æ÷Æ® ¹øÈ£ ¹× VerifySSO?(³¡ºÎºÐÀÇ "?" Æ÷ÇÔ)°¡ Æ÷ÇԵ˴ϴÙ.
ÀÌ ¿¹¿¡¼ Calendar Server ÀÀ¿ë ÇÁ·Î±×·¥ ¾ÆÀ̵ð´Â ics50, È£½ºÆ® URLÀº sesta.com, ±×¸®°í Æ÷Æ®´Â 8883ÀÔ´Ï´Ù.
Messenger Express ÀÀ¿ë ÇÁ·Î±×·¥ ¾ÆÀ̵ð´Â msg50, È£½ºÆ® URLÀº sesta.com, ±×¸®°í Æ÷Æ®´Â 8882ÀÔ´Ï´Ù.
|
Ç¥ 9-3¿¡¼´Â Åë½Å ¼¹ö Trusted Circle ±â¼úÀ» »ç¿ëÇÏ´Â SSO¸¦ À§ÇÑ Messaging Server SSO ±¸¼º ¸Å°³ º¯¼ö¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
Ç¥ 9-3 Åë½Å ¼¹ö Trusted Circle ±â¼úÀ» »ç¿ëÇÏ´Â Messaging Server SSO ¸Å°³ º¯¼ö
¸Å°³ º¯¼ö
|
¼³¸í
|
local.webmail.sso.enable = 1
|
SSO¸¦ »ç¿ëÇÏ·Á¸é ÀÌ ¸Å°³ º¯¼ö°¡ 0ÀÌ ¾Æ´Ñ °ªÀ¸·Î ¼³Á¤µÇ¾î¾ß ÇÕ´Ï´Ù.
|
local.webmail.sso.prefix = ssogrp1
|
ÀÌ ¸Å°³ º¯¼ö´Â HTTP ¼¹ö°¡ ¼³Á¤ÇÏ´Â SSO ÄíÅ°ÀÇ Çü½Ä ÁöÁ¤¿¡ »ç¿ëÇÒ Á¢µÎ¾î¸¦ ÁöÁ¤ÇÕ´Ï´Ù.
|
local.webmail.sso.id = msg50
|
ÀÌ ¸Å°³ º¯¼ö´Â Messaging ServerÀÇ °íÀ¯ ÀÀ¿ë ÇÁ·Î±×·¥ ¾ÆÀ̵ð(msg50)¸¦ ÁöÁ¤ÇÕ´Ï´Ù.
½Å·ÚÇÒ ¼ö ÀÖ´Â °¢ ÀÀ¿ë ÇÁ·Î±×·¥µµ °íÀ¯ ÀÀ¿ë ÇÁ·Î±×·¥ ¾ÆÀ̵𸦠°¡Á®¾ß ÇÕ´Ï´Ù.
|
local.webmail.sso.cookiedomain = sesta.com
|
ÀÌ ¸Å°³ º¯¼ö´Â HTTP ¼¹ö°¡ ¼³Á¤ÇÏ´Â ¸ðµç SSO ÄíÅ°ÀÇ ÄíÅ° µµ¸ÞÀÎ °ªÀ» ÁöÁ¤ÇÕ´Ï´Ù.
|
local.webmail.sso.singlesignoff = 1
|
°ªÀÌ 0ÀÌ ¾Æ´Ï¸é Ŭ¶óÀ̾ðÆ®°¡ ·Î±×¾Æ¿ôÇÒ ¶§ ÇØ´ç Ŭ¶óÀ̾ðÆ® Áß local.webmail.sso.prefix¿¡¼ ±¸¼ºÇÑ °ª°ú ÀÏÄ¡ÇÏ´Â Á¢µÎ¾î °ªÀ» °¡Áø ¸ðµç SSO ÄíÅ°¸¦ Áö¿ó´Ï´Ù.
|
local.sso.appid.url = "verifyurl"
¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
local.sso.ics50.verifyurl = http://sesta.com:8883/VerifySSO?
local.sso.msg50.verifyurl = http://sesta.com:8882/VerifySSO?
|
ÀÌ ¸Å°³ º¯¼ö´Â Messaging Server ±¸¼º¿¡¼ ÇǾî SSO È£½ºÆ®ÀÇ È®ÀÎ URL °ªÀ» ¼³Á¤ÇÕ´Ï´Ù. ½Å·ÚÇÒ ¼ö ÀÖ´Â °¢°¢ÀÇ ÇǾî SSO È£½ºÆ®¿¡ ´ëÇØ ÇϳªÀÇ ¸Å°³ º¯¼ö°¡ ÇÊ¿äÇÕ´Ï´Ù. ÀÌ ¸Å°³ º¯¼ö´Â ´ÙÀ½ Ç׸ñÀ» Æ÷ÇÔÇÕ´Ï´Ù.
- ÀÀ¿ë ÇÁ·Î±×·¥ ¾ÆÀ̵ð(appid)´Â SSO ÄíÅ°°¡ ¹Þ¾Æµé¿©Áö´Â °¢°¢ÀÇ ÇǾî SSO È£½ºÆ®¸¦ ½Äº°ÇÕ´Ï´Ù.
- URL È®ÀÎ("verifyurl")¿¡´Â È£½ºÆ® URL, È£½ºÆ® Æ÷Æ® ¹øÈ£ ¹× VerifySSO?(³¡ºÎºÐÀÇ ? Æ÷ÇÔ)°¡ Æ÷ÇԵ˴ϴÙ.
ÀÌ ¿¹¿¡¼ Messaging Server ÀÀ¿ë ÇÁ·Î±×·¥ ¾ÆÀ̵ð´Â msg50, È£½ºÆ® URLÀº sesta.com, ±×¸®°í Æ÷Æ®´Â 8882ÀÔ´Ï´Ù.
Calendar Server ÀÀ¿ë ÇÁ·Î±×·¥ ¾ÆÀ̵ð´Â ics50, È£½ºÆ® URLÀº sesta.com, ±×¸®°í Æ÷Æ®´Â 8883ÀÔ´Ï´Ù.
|
SSO¸¦ À§ÇÑ Messaging Server ±¸¼º¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ³»¿ëÀº Sun Java System Messaging Server 6 2005Q1 °ü¸® ¼³¸í¼¸¦ ÂüÁ¶ÇϽʽÿÀ.