14��

�� 忡�� ٽ� Application Server �� Sun Java System Application Server 8.1 2005Q1�� մϴ�. �� : ��= ��8�� Ǿ� �ֽ4ϴ�.

Application Server �� d��

��

�� ο� d��

��

��̶� ��͸� ��ȣ�ϴ� ��̸� ��͸� ��ϰų� �� ش� ��Ϳ� �� : �׼�� ջ�; ��ϴ� ��Դϴ�. Application Server�� J2EE ǥ��; ��8�� ̸� Ȯ�� v�� ֽ4ϴ�. �� ɿ�� ȣȭ ��, �� ο�, �� Ű ��v� ��Ե˴ϴ�. Application Server�� ý��̳� ��ڿ� �� '�� ?� �wα׷�; ��ϰ� �� ִ� �� ڽ�� ϴ� Java �� 𵨿� ��Ǿ� �ֽ4ϴ�. �� : ��= ��8�� Ǿ� �ֽ4ϴ�.

�?� �wα׷� �� ý��

�wα׷�� �� ڰ� �ۼ�� ?� �wα׷� �ڵ忡�� ۾�; ó��մϴ�. ��ڷμ� �� ü�迡 �� f��; �� ʽ4ϴ�. �Ϲ��8�� J2EE ��̳ʸ� �� ; ��ϴ� �� ?� �wα׷�� ; �ϵ� �ڵ��ϱ� �� wα׷�� ; �� ʽ4ϴ�.

�� �� ̳�(Application Server)�� ?� �wα׷�� ڸ� �� ; ó��մϴ�. �� ڸ� ��b ��ϰų� deploytool ��: �� Ͽ� �� ; f�� ֽ4ϴ�. �?� �wα׷�; �� ڸ� �� ֱ� �� ; ��ϸ� �� : 6�뼺�� ˴ϴ�.

�?� �wα׷� �� ܿ�� Application Server �ý�� ?� �wα׷�� ; ��ġ�� �ý�� �� ֽ4ϴ�.

�wα׷�� : �?� �wα׷� ��ڰ� f��ϹǷ�, �� ʽ4ϴ�. �� ?� �wα׷� ��ڰ� �� f��ϹǷ� �� մϴ�. �� ⺻��8�� ý�� ڸ� ��8�� ϹǷ� �ý�� ȿ� �� a��8�� մϴ�.

��

�� ܼ�: ��ü �� ; ��ϰ�, ��, �׷� �� ; ��ϸ�, �ý�� ٸ� �� ۾�; ��ϱ� '�� ϴ� �� Դϴ�. �� ֿܼ� �� Ϲ�� Ұ�� "�� "�� v�Ͻʽÿ�. �� ַܼ� �� ִ� �� ۾� �� "�� ܼ�; ��Ͽ� �� "�� v�Ͻʽÿ�.

asadmin: �� ְܼ� �� : �۾�; ��ϴ� �� Դϴ�. �� ַܼ� �� Ϻ� �۾�; asadmin8�� ֽ4ϴ�. �� w��Ʈ�� ũ��Ʈ�� asadmin ��; ��Ͽ� �ݺ�� ۾�; �ڵ�ȭ�� ֽ4ϴ�. asadmin�� Ϲ�� Ұ�� "�� "�� v�Ͻʽÿ�.

deploytool: �׷�� Ű�� , �� ?� �wα׷�� ; f��ϱ� '�� ?� �wα׷� �� ڸ� ��ϴ� �� մϴ�. deploytool: �?� �wα׷� ��ڸ� ��8�� ϱ� �� ڼ�� ʽ4ϴ�. deploytool ��뿡 �� ħ: http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html�� ¶�� 򸻰� J2EE 1.4 Tutorial; ��v�Ͻʽÿ�.

Java 2 Platform, Standard Edition(J2SE)�� ; ��ϱ� '�� = �� f��մϴ�.

keytool: �� Ű ��; ��ϱ� '�� /ƿ��Ƽ�Դϴ�. keytool; ��Ͽ� certificate �� ڸ� ��մϴ�.

policytool: �ý�� Java �� då; ��ϱ� '�� ׷�� /ƿ��Ƽ�Դϴ�. ��ڴ� policytool; �� ʿ䰡 ��4ϴ�.

Enterprise Edition�� NSS(Network Security Services)�� ϴ� �ٸ� �� ֽ4ϴ�. NSS�� ڼ�� ; ��x� http://www.mozilla.org/projects/security/pki/nss/�� ̵��Ͻʽÿ�. �� =�� 4ϴ�.

certutil�� Ű ��ͺ��̽�� ϱ� '�� /ƿ��Ƽ�Դϴ�.

pk12util: ��/Ű ��ͺ��̽�� PKCS12 �� Ű�� n�1� '�� ϴ� �� /ƿ��Ƽ�Դϴ�.

��й�ȣ ��

�� Application Server�� Ưd �� ; ��ϴ� domain.xml ��Ͽ�� ó=�� Ϲ� �ؽ�Ʈ�� IMQ ��Ŀ ��й�ȣ�� ԵǾ� �ֽ4ϴ�. �� й�ȣ�� ϴ� domain.xml �� Ҵ� jms-host �� admin-password �Ӽ��Դϴ�. ��ġ �� й�ȣ�� ȿ� ū ��; ��ġ�� ʽ4ϴ�.

�׷�� ܼ�; ��Ͽ� ��ڿ� �ڿ�; �߰��ϰ� �� ڿ� �ڿ� ��й�ȣ�� d�մϴ�. �� , ��ͺ��̽�� ׼��ϱ� '�� й�ȣó�� й�ȣ �� Ϻδ� domain.xml ��Ͽ� �Ϲ� �ؽ�Ʈ�� ϵ˴ϴ�. �� й�ȣ�� domain.xml ��Ͽ� �Ϲ� �ؽ�Ʈ�� ϸ� �� '�� ; �� ֽ4ϴ�. ��= �� Ͽ� admin-password �Ӽ��̳� ��ͺ��̽� ��й�ȣ�� Ͽ� domain.xml�� й�ȣ�� ȣȭ�� ֽ4ϴ�.

domain.xml �� ϴ� ��丮(�⺻��8�� install_dir/domains/domain_dir/config)�� = asadmin ��; ��մϴ�.

asadmin create-password-alias <alias-name>

�� =�� 4ϴ�.

asadmin create-password-alias jms-password

��й�ȣ �w��Ʈ(�� admin)�� ǥ�õ˴ϴ�. �ڼ�� : create-password-alias, list-password-aliases, delete-password-alias �� ? �� v�Ͻʽÿ�.

domain.xml�� й�ȣ�� f��ϰ� �ٲߴϴ�. asadmin set ��; ��Ͽ� �̸� ��մϴ�. �̷�� ; '�� set �� =�� 4ϴ�.


asadmin set server.jms-service.jms-host.default_JMS_host.admin-password=${ALIAS=jms-password}

�� ο� �� Application Server�� ٽ� ��մϴ�.

��ȣȭ�� й�ȣ�� Ͽ� �� ȣ

�Ϻ� ��Ͽ�� ý�� ; ��Ͽ� ��ȣ�ؾ� �ϴ� ��ȣȭ�� й�ȣ�� ԵǾ� �ֽ4ϴ�. �� Ͽ�� = �� ԵǾ� �ֽ4ϴ�.

install_dir/domains/domain_dir/master-password

asadmin�� --passwordfile �μ� ��Ͽ� �μ�� ϱ� '�� й�ȣ ��: �� ý�� 600; ��Ͽ� ��ȣ�ؾ� �մϴ�.

�� й�ȣ ��

�� й�ȣ(MP)�� ü��8�� /�ϴ� ��й�ȣ�Դϴ�. �� й�ȣ�� ʰ� ��Ʈ��ũ�� ۵�� ʽ4ϴ�. �� й�ȣ�� ü�� f ��a�Դϴ�. �ʿ�� 8�� Է��ϵ�� ϰų� ��Ͽ� �� ֽ4ϴ�. ��й�ȣ�� ý��ۿ�� ߿�� Դϴ�. �� ; f��Ͽ� �� й�ȣ �䱸�� f�� ֽ4ϴ�. �� й�ȣ�� й�ȣ Ű ��ҿ� �ٽ� ��˴ϴ�.

��ο� �� Application Server�� մϴ�. �� й�ȣ�� й�ȣ�� w��Ʈ�� = �� ' ~�� ׸�; �ٽ� ��ȣȭ�ϴ� asadmin �� change-master-password�� մϴ�. �� =�� 4ϴ�.


asadmin change-master-password>
Please enter the master password>
Please enter the new master password>
Please enter the the new master password again>

�� ٽ� ��մϴ�.

��: �� ν��Ͻ�� ش��ϴ� �� SMP ��Ʈ�� ν��Ͻ�� ٽ� �� ƾ� �մϴ�. SMP�� ϱ� �� ν��Ͻ�� ٽ� �� ν��Ͻ�� ۵�� ʽ4ϴ�.

�� Ʈ �� õ� �� ϳ�� մϴ�. asadmin change-master-password ��; �ٽ� �� =, �� Ʈ �� õ� �� ٽ� ��մϴ�.

�� Ʈ�� ּ� ��d�� = �� Ʈ�� մϴ�. �̷� ��8�� ѹ�; �� ֽ4ϴ�.

�� й�ȣ ��

�� й�ȣ ��ȣȭ�� "��й�ȣ �� "�� մϴ�. �� й�ȣ�� ȣȭ�� ; ��ϰ� ��մϴ�. �� й�ȣ�� ȣȭ�ϱ� �� asadmin set ��; ��մϴ�. ��=: �̷�� 뵵�� set ��; ��ϴ� ��Դϴ�.

�� ܼ�; ��Ͽ� �� й�ȣ�� ֽ4ϴ�. �� ܼ�; ��Ͽ� �� й�ȣ�� Ϸx� ��= �ܰ踦 ��մϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

admin-realm ��带 ��մϴ�.

��ڸ� �߰�, ��d, ��f�Ϸx� �� ư; ��ϴ�.

admin�̶�� ڸ� ��մϴ�.

��ο� ��й�ȣ�� Է��ϰ� ��й�ȣ�� Ȯ��մϴ�.

��; �� ϰų�, �ݱ⸦ �� ʰ� �ݽ4ϴ�.

�� å�� d

�?� �wα׷� ��

�ý��

�?� �wα׷� ��

�?� �wα׷� �� ҿ� �� ׼�� f�� d

�?� �wα׷�� d�� ; ��d�� ?� �wα׷�� κ� ��d

�?� �wα׷� ��ڴ� deploytool ��: �� Ͽ� �?� �wα׷� �� ڸ� �� ֽ4ϴ�. ��= URL�� Ȯ�� ִ� J2EE 1.4 Tutorial�� Security �忡�� ۾�; �ڼ�� մϴ�.

�?� �wα׷� ��

��ڳ� �׷�(�Ǵ� �� ); �� ҿ� ��

Ưd �� ó�� 䱸 ��׿� �°� �� ޼ҵ忡 �׼��ϴ� �� ʿ�� vd

�ý��

��

�� d �� ׷� ��

�� α� ��

�� SSL(Secure Socket Layer) �� 

Ŀ�� Ǯ�� , �߰� JACC �� : �ý�� پ�� ٸ� �� ó��

�ý�� ڴ� �� ܼ�; ��Ͽ� �� d; ��ϰ� certutil; ��Ͽ� �� մϴ�. �� ⺻��8�� ý�� ڸ� ��8�� մϴ�.

�� ο� d��

�� ο�� ?� �wα׷� �� ٽ� ��Դϴ�. �� ο�� ؼ� ��= ��; ��մϴ�.

��ƼƼ ��

��: ��ƼƼ(��, �?� �wα׷� �Ǵ� �� )�� ٸ� ��ƼƼ�� Ȯ��ϴ� ��Դϴ�. ��ƼƼ�� �� ڰ� ��; ��Ͽ� �ڽ�; ��մϴ�. ��̵� �� й�ȣ, �� ڰ� �� ֽ4ϴ�.

�Ϲ��8�� : ��̵�� й�ȣ�� Ͽ� �?� �wα׷�� α��ϴ� ��; �ǹ��, �� ڿ�; ��û�� EJB �� ڰ� ��; ��ų �� ֽ4ϴ�. �밳 �� ?� �wα׷�� Ŭ��̾�Ʈ�� ; �䱸�մϴ�. �׸�� Ŭ��̾�Ʈ�� ڽ�; �� ; �䱸�� ֽ4ϴ�. �� ̸� ��ȣ ��̶�� մϴ�.

��ƼƼ�� ȣ�� ڿ� �׼�� Application Server�� ش� �ڿ� �� ü�踦 ��Ͽ� �׼�� ο�� θ� ��d�մϴ�. �� , ��ڴ� % �� ̵�� й�ȣ�� Է�� ֽ4ϴ�. �?� �wα׷�� ش� �ڰ� ��; Ȯ��ϸ� ��ڰ� ��˴ϴ�. �� κп�� ڴ� �� ̵�� Ǿ� �ֽ4ϴ�.

Application Server�� ǥ 14-1�� /�� ; ��մϴ�. �?� �wα׷�: �� ϴ� �� /��; ��d�մϴ�. �?� �wα׷�� ; ��ϱ� '�� deploytool ��뿡 �� ڼ�� : ��= URL�� J2EE 1.4 Tutorial; ��v�Ͻʽÿ�.

http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html

ǥ 14-1 Application Server ��
��	�� w��	��	�� ڰ� �� ȣȭ
�⺻	HTTP(SSL �� ��)	�� ˾� �α�� ȭ ��ڸ� ��մϴ�.	SSL; �� ; �� =
��	HTTP(SSL �� ��)	�?� �wα׷�� /�� d�� α�� 7� �� f��մϴ�.	SSL; �� ; �� =
Ŭ��̾�Ʈ ��	HTTPS (SSL; �� HTTP)	�� Ű �� Ͽ� Ŭ��̾�Ʈ�� մϴ�.	SSL

�� (SSO) ��

�� ; ��ϸ� �ϳ�� ν��Ͻ�� ?� �wα׷�� ¸� ��/�� ֽ4ϴ�. �� ; �� ڰ� �ϳ�� ?� �wα׷�� α��ϸ� �� d�� 䱸�ϴ� �ٸ� �?� �wα׷�� Ͻ��8�� α��ε˴ϴ�.

�� : �׷�; ��8�� մϴ�. �� ڰ� �� �׷�; d��ϰ� �� (�⺻, ��, ��f��Ʈ, ��); ��ϴ� �� % �?� �wα׷�: �� ; ��/�մϴ�.

Application Server�� d�ǵ� �� ⺻��8�� Ȱ��ȭ�Ǿ� �ֽ4ϴ�. �� Ȱ��ȭ�� ڼ�� : "�� (SSO) ��"; ��v�Ͻʽÿ�.

�� ο�

��ڰ� ��Ǹ� �� ο��� : �� ִ� �۾�; ��d�մϴ�. �� ο�� ��; ��8�� մϴ�. �� , �λ� �� ?� �wα׷�: ��ڿ�� d�� ֵ�� 鿡�Դ� �ڽ�� d�� ֵ�� ֽ4ϴ�. ��ҿ� �� ڼ�� : "��, �׷�, �� "�� v�Ͻʽÿ�.

JACC �� d

JACC(Java Authorization Contract for Containers)�� ÷�� ο� �� ̽�� d��ϴ� J2EE 1.4 �� Ϻ��Դϴ�. JACC�� ϸ� ��ڴ� Ÿ�� ÷�� ⿡�� ο�� ϵ�� d�� ֽ4ϴ�.

�⺻��8�� Application Server�� JACC �� Բ� ��ϵǴ� �ܼ�� ο� ��; f��մϴ�. �ٸ� Ÿ�� JACC ��ڸ� ��d�� ֽ4ϴ�.

JACC ��ڴ� JAAS(Java Authentication and Authorization Service) API�� մϴ�. JAAS�� ϸ� ��񽺿�� ڿ� �� ׼�� f� ��ϰ� ��f�� ֽ4ϴ�. JAAS�� ǥ�� PAM(Pluggable Authentication Module) �w��ӿ�ũ�� Java �� ; ��մϴ�.

�� ο� ��d ��

Application Server�� �� ; �� ο� ��d �� ; f�� ֽ4ϴ�. Application Server�� ⺻ �� Ӹ� �ƴ϶� �� ; �� d�� ִ� ��ɵ� f��մϴ�. �� d�� ߿� �� ڼ�� : Application Server Developer's Guide�� v�Ͻʽÿ�. Developer's Guide ��ũ�� "�ڼ�� "; ��v�Ͻʽÿ�.

�޽��

�޽�� ; ��ϸ� �� ޽�� % �� ȣ�� 4�� ~�� ; �� ֽ4ϴ�. Application Server�� SOAP �� ޽�� ڸ� ��Ͽ� �޽�� ; ��մϴ�. �޽�� ڴ� ��û �� 4� �޽�� ʿ�� /�� : d�� f��մϴ�. ��Ǵ� �� /��: ��=�� 4ϴ�.

��̵� ��й�ȣ ��; ��ϴ� ��

XML �� ; ��ϴ� ��

�� ޽�� ڰ� �� ԵǾ� �ֽ4ϴ�. SOAP �� ; '�� ޽�� ڸ� �� ֽ4ϴ�. �� ִ� ��ڿ�� ClientProvider�� ServerProvider�� Ե˴ϴ�.

�޽�� ȿ� �� ÷�� 8�� Application Server�� Ŭ��̾�Ʈ ��̳ʿ� ��յǾ� �ֽ4ϴ�. �⺻��8�� ޽�� : Application Server�� Ȱ��ȭ�˴ϴ�.

��ü Application Server�� Ưd �?� �wα׷� �Ǵ� �޼ҵ忡 �� ޽�� ; �� ֽ4ϴ�. "�޽�� "�� Application Server �� ޽�� ; ��մϴ�. Developer's Guide�� Securing Applications �忡�� ?� �wα׷� �� ޽�� մϴ�.

��, �׷�, ��

��: Application Server�� d�ǵ� �� ̵�. �Ϲ��8�� ڴ� ��, ��Ʈ�� (��: Enterprise Bean) �Ǵ� �� ֽ4ϴ�. �� ڸ� �⺻�̶�? �մϴ�. ��ڸ� ��f��? �մϴ�.

�׷�: �� Ư��8�� з��, Application Server�� d�ǵ� ��

��: �?� �wα׷�� d�� �̸� ��d�� ο� ��. ��; �� Ű�� ; �� ֽ4ϴ�. ��: ��ڰ� Ű �纻; �� ; �� ֽ4ϴ�. ��ݿ�� ׼��ϴ� ��ڴ� ��8��, �ùٸ� Ű�� ϴ� �� 谡 �ֽ4ϴ�.

��: ��ڿ� �׷� d�� ڰ� ��; ��ϴ� ��. ��; �� då ���̶�? �մϴ�.

��: ��ڿ� �׷�: ��ü Application Server�� d�Ǵ� �ݸ�, �� ?� �wα׷�� /�� ; d��մϴ�. �?� �wα׷�; ��Ű��ȭ �� = �׸�� ?� �wα׷�: ��/�׷� �� ; ��d�մϴ�.

��

���� Application Server�� d�ǵ� �� Ǵ� �?� �wα׷� ��̵��Դϴ�. ��ڸ� �׷�� ų �� ֽ4ϴ�. Application Server �� 񽺴� �� ڸ� �� ֽ4ϴ�.

�׷�

J2EE �׷�(�Ǵ� �ܼ�� ׷�): ��'�� ? �w�� : �� Ư��8�� з�� Դϴ�. �� , �� ŷ� �?� �wα׷�� ڴ� customer �׷쿡 �� , �뷮 �Һ��ڴ� preferred �׷쿡 �� ֽ4ϴ�. ��ڸ� �׷�8�� ȭ�ϸ� ��: �� ׼�� f�� ֽ4ϴ�.

��

��: � �?� �wα׷�� ?� �wα׷� ��  �κ�� ׼�� ִ�� ׸�� ׵�� ִ� �۾�; d��մϴ�. ��, ��: �� ο� ��; ��d�մϴ�.

�� , �λ� �wα׷�� ȭ ��ȣ�� ּҿ� �׼�� ޿� d�� ڸ� �׼�� ֽ4ϴ�. �?� �wα׷�: �ּ�� employee�� manager�� ; d�� ֽ4ϴ�. �׸�� manager �� ڸ� �޿� d�� ֽ4ϴ�.

��: �?� �wα׷�� ; d��ϴ� �ݸ�, �׷�: �� ̶�� a�� Ұ� �� ׷�: �ٸ��ϴ�. �� , �λ� �?� �wα׷�� full-time, part-time �� on-leave ��: �׷�� ; �� , �� ׷�� ڴ� �� employee ��ҿ� �ֽ4ϴ�.

��: �?� �wα׷� �� ڿ� d�ǵ˴ϴ�. �ݴ�� ׷�: ��ü �� d�ǵ˴ϴ�. �?� �wα׷� ��ڳ� ��ڴ� �� ?� �wα׷�� ϳ� �̻�� ׷쿡 ��; ��մϴ�.

��

�� då �� �Ǵ� �� �̶�? �ϴ� ��: �� då; d�� ϴ� ��'�Դϴ�. ��f�� 鿡�� : �� ׷� d�� ϴ� ��Դϴ�.

Application Server�� file(�ʱ� �⺻ ��), certificate �� admin-realm�� ̸� ��Ǿ� �ֽ4ϴ�. ldap, solaris �Ǵ� �� d�� ; ��d�� ֽ4ϴ�. �?� �wα׷�: �� ڿ�� ; ��d�� ֽ4ϴ�. ��; ��d�� ; �� Application Server�� ⺻ ��; ��մϴ�.

file �� ڰ� ��; keyfile�̶�� ϴ� ��Ͽ� ��÷� ��մϴ�. �� ܼ�; ��Ͽ� file �� ڸ� �� ֽ4ϴ�. �ڼ�� : "File �� "�� v�Ͻʽÿ�.

certificate �� ͺ��̽�� մϴ�. certificate ��; �� HTTPS �w��ݰ� �Բ� �� Ͽ� % Ŭ��̾�Ʈ�� մϴ�. �� ڼ�� : "�� SSL �Ұ�"�� v�Ͻʽÿ�.

admin-realm: FileRealm�̱⵵ �ϰ� admin-keyfile�̶�� ϴ� ��Ͽ� �� ڰ� ��; ��÷� ��մϴ�. file �� ڸ� ��ϴ� �Ͱ� ��: ��8�� ܼ�; ��Ͽ� �� ڸ� ��մϴ�. �ڼ�� : "File �� "�� v�Ͻʽÿ�.

ldap �� Sun Java System Directory Server��: LDAP(Lightweight Directory Access Protocol) �� ڰ� ��; ��n�ɴϴ�. LDAP�� ͳ�; ��ϴ�� Ʈ��; ��ϴ�� ο� �� v��, �� Ʈ��ũ�� ̳� ��ġ ��: �ٸ� �ڿ�; ã; �� ְ� ��ִ� �w��Դϴ�. ldap �� ׷�; ��ϴ� �Ϳ� �� ڼ�� : LDAP �� ?�� v�Ͻʽÿ�.

solaris �� Solaris � üf�� ڰ� ��; ��n�ɴϴ�. �� : Solaris 9 OS �̻󿡼� ��˴ϴ�. solaris �� ׷�; ��ϴ� �Ϳ� �� ڼ�� : Solaris ��?�� v�Ͻʽÿ�.

�� d�� : �� ͺ��̽�� Ÿ�� : �� ڰ� �� ٸ� ��Դϴ�. �ڼ�� : "�� d�� " �Ǵ� Developer's Guide�� Securing Applications ��; ��v�Ͻʽÿ�.

�� SSL �Ұ�

�� d��

SSL(Secure Sockets Layer) d��

�� d��

�� (�Ǵ� ��)�� ͳ�� ڿ� �ڿ�; ��/�ϰ� �ĺ��ϴ� �� Դϴ�. �� ƼƼ �� ϰ� ��; /��ϴ� ��ŵ� ��ϰ� ��ݴϴ�.

�� ~�� ִµ�, �� ϴ� �� , SSL(Secure Socket Layer) ��; �� Ŭ��̾�Ʈ �� ; ��d�ϱ� '�� ϴ� �� ֽ4ϴ�. SSL�� ڼ�� : "SSL(Secure Sockets Layer) d��"; ��v�Ͻʽÿ�.

�� �� Ű ��ȣȭ ���� 8�� մϴ�. �� ڸ� ��; �� ֵ�� d�� ��ȣȭ�ϴ� �� Ű ��(�ſ� �� ȣ); ��մϴ�. ��ڴ� d�� �ص��Ͽ� �н4ϴ�.

Ű �ֿ�� Ű�� Ű�� Ե˴ϴ�. ��/�ڴ� �� Ű�� Ͽ� �� ڰ� �� ְ� �մϴ�. �׷�� /�ڴ� �� Ű�� ʰ� �׻� ��з� �մϴ�. Ű�� 8�� õǾ� �ֱ� �� ϳ�� Ű�� ȣȭ�� ʹ� Ű �� ٸ� Ű�θ� �ص�� ֽ4ϴ�.

�� ǰ� ��4ϴ�. ��/�ڸ� �ĺ��ϰ� �ٸ� �߿�� d�� f��մϴ�. �� (CA)�̶�� ϴ� �ŷ�� ִ� f 3�ڰ� �� մϴ�. �� : �� 繫�ҿ� /��մϴ�. �� /�� ̵� ��ϰ� �� 'v�ϰų� �� մϴ�. �� ϸ� ��/�ڴ� �ſ� ��8�� f��ϰ� ��ȣȭ�� ; ��d�� ֽ4ϴ�.

�� ߿�� a: �� /�� Ű�� /�� ̵� ��ε��Ѵٴ� a�Դϴ�. �� /�ڿ� �� d�� ; �Բ� f��ϴ� �Ͱ� �� /�ڿ� �� d�� Ű�� ε��մϴ�.

��/�� ̸� �� % �� URL ��: ��Ÿ �ĺ� d�� Ǵ� �� ּ�

�� ̸�

��

�� x.509 �� 8�� ˴ϴ�. certificate �� ̵� Ȯ��ϱ� '�� 񽺴� X.509 �� ̸� �ʵ带 �⺻ �̸�8�� Ͽ� X.509 �� մϴ�.

�� ü�� d��

% �� ڵ�8�� ŷ��ϴ� ��Ʈ CA �� Ǿ� �ֽ4ϴ�. �� ڽ�� /ȿ��; ��ϱ� '�� �� ü���� Բ� f��Ǿ�� մϴ�. �� ü��: �� CA�� Ͽ� ��Ʈ CA �� ~��Ǵ� �Ϸ�� Դϴ�.

�� ó= �� 쿡�� ��ü �� ��Դϴ�. ��ü �� ߱��(��)�� f(�� Ű�� ϴ� ��ƼƼ)�� Դϴ�. ��/�ڰ� �� û(CSR); �� = �4�; ��n�8�, ��ü �� ü��8�� ü�˴ϴ�. ü�� Ʒ�� f�� Ű�� ϴ� �� (�4�)�� ֽ4ϴ�. ü�� = �� CA�� Ű�� ϴ� ��Դϴ�. �밳�� ü �� (��, �ش� �� Ű�� ϴ� �� )�̰� ü�� Դϴ�.

�ٸ� �� CA�� ü��; ��ȯ�� ֽ4ϴ�. �� ü�� Ʒ� �� (Ű �׸�� Ű�� ϴ� CA�� ) ü�� ° �� CSR; �� CA�� Ű�� ϴ� �ٸ� CA�� Դϴ�. �׷� ��= ü�� = �� ° CA�� Ű�� ϴ� ��Դϴ�. ��ü �� ��Ʈ �� ̷� ��8�� ӵ˴ϴ�. ü�� (ù° �� f��)�� ü�� Ű�� մϴ�.

SSL(Secure Sockets Layer) d��

SSL(Secure Sockets Layer): ��ͳ� �� Ʈ��; ��ϱ� '�� Ϲ�� ǥ��Դϴ�. % �?� �wα׷�: �� Ŭ��̾�Ʈ�� ; ��ϱ� '�� ϴ� HTTPS(SSL�� HTTP)�� մϴ�. SSL ��ῡ�� Ŭ��̾�Ʈ�� ͸� ��ϱ� �� ȣȭ�� = ��û �� ص��մϴ�.

% ��(Ŭ��̾�Ʈ)�� Ʈ�� SSL �ڵ��ũ�� ߻��մϴ�.

�� 밳 http �� https�� ϴ� URL; ��û�Ͽ� �� ; ��û�ϴ� ��Ʈ��ũ�� ޽�� մϴ�.

�� Ű�� ϴ� �� Ͽ� �4��մϴ�.

�� /ȿ�� ׸�� ͺ��̽�� ְ� �ŷ�� ִ� �� մϴ�. �׸�� CA �� ʾҴ�� Ȯ��մϴ�.

�� /ȿ�ϸ� �� /�� ȸ�� �� Ű�� ϰ� �̸� �� Ű�� Բ� ��ȣȭ�մϴ�. �� ȣȭ�� Ű�� Ͽ� �� 纻; �� ֵ�� մϴ�.

�� Ű�� Ͽ� �޽�� ص��ϰ� �� Ű�� մϴ�.

�ڵ��ũ �� Ŭ��̾�Ʈ�� % ��Ʈ�� ̵� ��߰� Ŭ��̾�Ʈ�� % �� Ű�� 纻; �� ֽ4ϴ�. �� Ŭ��̾�Ʈ�� Ű�� Ͽ� �� ; ��ȣȭ�մϴ�. �� : �� մϴ�.

SSL ǥ�� ֽ� ��; TLS(Transport Layer Security)�� մϴ�. Application Server�� SSL(Secure Sockets Layer) 3.0 �� TLS(Transport Layer Security) 1.0 ��ȣȭ �w��; ��մϴ�.

SSL; ��Ϸx� Application Server�� ܺ� ��̽�� ; ��ϴ� IP �ּҰ� �־�� մϴ�. �� ġ�� 8�� κ� % �� HTTPS ��񽺰� �� ʽ4ϴ�. % �� SSL�� ִ� �� d�Ϸx� "�� "�� մϴ�.

��ȣȭ d��

��ȣȭ�� ȣȭ�� ص�� ȣȭ �˰?��Դϴ�. SSL �� TLS �w��: �� Ŭ��̾�Ʈ�� ΰ�� ϰ�, �� ϸ�, �� Ű�� d�ϱ� '�� پ�� ȣȭ�� մϴ�.

�Ϻ� ��ȣ�� ٸ� ��ȣ�� ϰ� �� մϴ�. Ŭ��̾�Ʈ�� ٸ� ��ȣȭ �׷�; �� ֽ4ϴ�. SSL3 �� TLS �w��ݿ�� ȣȭ�� մϴ�. �� ߿� Ŭ��̾�Ʈ�� ΰ� ��; '�� d�� ȣȭ ��; ��ϹǷ� �밳 �� ȣȭ�� ֽ4ϴ�.

�̸� �� ȣ��Ʈ ��

�� ?� �wα׷�� ̸� �� ȣ��Ʈ�� ϴ� ��: ��f�� ֽ4ϴ�. �̴� SSL �w�� Ѱ��Դϴ�. Ŭ��̾�Ʈ �� ϴ� SSL �ڵ��ũ�� HTTP ��û�� ׼��ϱ� �� ߻��ؾ� �մϴ�. �� ȣ��Ʈ �̸�; ��ϴ� ��û d�� Ȯ�� 4ϴ�. �׷��Ƿ� �� IP �ּҿ� �� d�� 4ϴ�.

�� IP �ּ�� ȣ��Ʈ�� ؾ� �� ȣ��Ʈ�� ߰��ص� �� d�� SSL �۾�; �� ʽ4ϴ�. �׷�� κ�� (�� CA �� 켱��8�� ִ� ��) �� ̸�; �� ̸�� մϴ�. �� ̸�� ġ�� ; �� ? ǥ��մϴ�. �Ϲ��8�� ּ� �� ȣ��Ʈ�� ۾� ȯ�濡�� SSL�� ˴ϴ�.

��ȭ�� d��

��ȭ��: �� ̻�� Ʈ��ũ�� 帧; f��ϰ� ��Ʈ��ũ�� ũ�� մϴ�. ��ȭ��: �ϵ�� Ʈ�� ٷ� �� ֽ4ϴ�. �� Ϲ� ��ȭ�� v�� ȭ�� ; ��մϴ�. ��⿡�� ַ� Application Server�� õ� ��; �ٷ�ϴ�. Ưd ��ȭ�� ڼ�� : ��ȭ�� ޾�ü�� ?�� v�Ͻʽÿ�.

�Ϲ��8�� Ŭ��̾�Ʈ�� ʿ�� TCP/IP ��Ʈ�� ׼�� ֵ�� ȭ��; ��մϴ�. �� , HTTP listener�� Ʈ 8080�� ۵�� Ʈ 8080�� HTTP ��û; ��ϵ�� ȭ��; ��մϴ�. �� Ʈ 8181�� HTTPS ��û; ��d�� Ʈ 8181�� HTTPS ��û; ��ϵ�� ȭ��; ��ؾ� �մϴ�.

��ͳݿ�� EJB �� b RMI-IIOP(Remote Method Invocations over Internet Inter-ORB Protocol) �׼�� ʿ�� RMI-IIOP listener ��Ʈ�� ϴ�. �׷�� '�� ʴ� �� }4ϴ�.

�� ȭ�� v�� HTTP �� HTTPS Ʈ��; ��ϵ�� ܺ� ��ȭ��; ��ؾ� �մϴ�. ��ȭ�� ڿ�� Application Server�� Ϸx� HTTP �� ÷��; ��ϵ�� ȭ��; ��ؾ� �մϴ�.

�� ܼ�; ��Ͽ� ��

HTTP �� IIOP Listener ��

��

�� d

�� d �� ⺻ ��, �͸� ��, �⺻ ��̵� �� й�ȣ ��d; �� ü �� d�� d�մϴ�. �ڼ�� : "�� d ��"; ��v�Ͻʽÿ�.

��

�� : "��, �׷�, �� "�� Ұ��մϴ�. �� ܼ�; ��Ͽ� ��= �۾�; �� ֽ4ϴ�.

��ο� ��

��x �� f

��x �� d

file �� ߰�, ��d �� f

�⺻ �� d

JACC ��

JACC ��ڴ� "JACC �� d"�� Ұ��մϴ�. �� ܼ�; ��Ͽ� ��= �۾�; �� ֽ4ϴ�.

��x JACC �� f �Ǵ� ��d

��

�� : "�� ο� ��d �� "�� Ұ��մϴ�. �� 7� �� '�� : �߿�� ̺�Ʈ�� ߿� ��ϱ� '�� ϴ� ��Դϴ�. �� ̺�Ʈ�� Application Server �α׿� ��ϵ˴ϴ�. ��ü �׼�� α״� Application Server �׼�� ̺�Ʈ�� ; f��մϴ�.

��ο� �� ߰�

��x �� f �Ǵ� ��d

�޽��

�޽�� : "�޽�� "�� Ұ��մϴ�. �� ܼ�; ��Ͽ� ��= �۾�; �� ֽ4ϴ�.

�޽��

��x �޽�� Ǵ� �� f �Ǵ� ��

HTTP �� IIOP Listener ��

HTTP �� ϳ� �̻�� HTTP listener�� Ʈ��ũ ��; f��մϴ�. HTTP �� HTTP listener�� Ϲ�� d�� "HTTP ��"�� v�Ͻʽÿ�.

Application Server�� IIOP(Internet Inter-Orb Protocol)�� Ͽ� ��Ʈ��ũ�� ϴ� CORBA(Common Object Request Broker Architecture) ��ü�� մϴ�. IIOP listener�� EJB�� Ŭ��̾�Ʈ�� ٸ� CORBA �� Ŭ��̾�Ʈ�� 4� ��; ��մϴ�. IIOP listener�� Ϲ�� : "IIOP Listener"�� v�Ͻʽÿ�.

��ο� HTTP �Ǵ� IIOP listener�� ̵�� ϴ� ��; ��d�մϴ�.

��x HTTP �Ǵ� IIOP listener�� d; ��d�մϴ�.

��

�� 񽺴� �� ν��Ͻ�� Ϲ� �ν��Ͻ�� DAS(Domain Administration Server) �� ƴϸ� �� v�� θ� Ȯ��մϴ�. �� 񽺸� ��Ͽ� JSR-160 ȣȯ �� JMX Ŀ��͸� ��մϴ�. �� Ŀ��ʹ� DAS(Domain Administration Server)�� Ʈ �� ; ó��մϴ�. �� Ʈ�� ν��Ͻ�� ȣ��Ʈ �ý��ۿ�� ν��Ͻ�� մϴ�.

��

JMX Ŀ��

JMX Ŀ��Ϳ� �� d ��d

��

Ŀ�� Ǯ�� : "�� d��"�� Ұ��մϴ�. �� ܼ�; ��Ͽ� ��= �۾�; �� ֽ4ϴ�.

�� ; ��x Ŀ�� Ǯ�� ߰�

��x �� f �Ǵ� ��

��ȿ� �� ܼ� �۾�

�� d ��

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 ��մϴ�.

�� ǥ�õ˴ϴ�.

�ʿ��ϸ� ��; ��d�մϴ�. �Ϲ� �� ɼ�: ǥ 14-2�� մϴ�.

ǥ 14-2 �Ϲ� �� d
��d	��
�� α�	�� α�; Ȱ��ȭ�Ϸx� ��մϴ�. Ȱ��ȭ�� d�� d�� ; �ε� �� մϴ�. ��Ȱ��ȭ�� ⿡ �׼�� ʽ4ϴ�. �⺻��8�� Ȱ��ȭ�Ǿ� �ֽ4ϴ�.
�⺻ ��	�� ϴ� Ȱ��(�⺻) ��Դϴ�. �?� �wα׷�� ڿ� �ٸ� ��; ��d�� ʴ� �� ; ��մϴ�. �� Ͽ� ǥ�õ˴ϴ�. �ʱ� �⺻ ��: `file` ��Դϴ�.
�͸� ��	�⺻ ��̳� �͸� �� ̸��Դϴ�. �� ڿ�� ͸� �� d�˴ϴ�. �?� �wα׷�: �� ڿ�� ; ��Ͽ� �� ڿ�� ; �ο��մϴ�.
�⺻ �⺻��	�⺻ ��̵� ��d�մϴ�. �⺻��; f�� : �� ; ��մϴ�. �� ʵ忡 ��; �Է�� ⺻ ��й�ȣ �⺻�� ʵ忡 �ش� ��; �Է��մϴ�. d�� ۾�� Ӽ�� ʿ�� ʽ4ϴ�.
�⺻ ��й�ȣ �⺻��	�⺻ �⺻�� ʵ忡 ��d�� ⺻ �⺻�� й�ȣ�Դϴ�. d�� ۾�� Ӽ�� ʿ�� ʽ4ϴ�.
JACC	�� JACC �� Ŭ�� ̸��Դϴ�. JACC �� ߰�� ڼ�� : "JACC �� ۼ�"; ��v�Ͻʽÿ�.
��	��ǥ�� Ŭ�� Դϴ�. ��⿡ �� : �̹� ��Ǿ� �־�� մϴ�. �� α�; Ȱ��ȭ�� d�� ; ��ؾ� �մϴ�. �⺻��8�� `default`�� ϴ� �� ; ��մϴ�. ��ο� �� ⿡ �� ڼ�� : "�� "�� v�Ͻʽÿ�.

�߰� �� d�� ǿ�� Java Virtual Machine(JVM)�� ߰� �� d�� Է��մϴ�.

/ȿ�� d�� ⺻ �� ʵ忡�� /�� ٸ��ϴ�. /ȿ�� d�� = �� մϴ�.

File �� admin-realm ��

�� ; ��Ϸx� ��; ��ϰų�, �⺻��; ��Ϸx� �⺻�� ε带 ��մϴ�.

�� ׼�� f��

asadmin �׷�� ڸ� �� ְܼ� asadmin �� /ƿ��Ƽ�� ׼�� ֽ4ϴ�.

��ڿ�� ׼�� f��Ϸx� admin-realm�� asadmin �׷쿡 �� ߰��մϴ�. �̸� ��Ϸx� ��= �ܰ踦 ��մϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

admin-realm ��带 ��մϴ�.

��ڸ� �߰�, ��d, ��f�Ϸx� �� ư; ��ϴ�.

��ġ �� ó=�� ġ �� Է�� ̸�� й�ȣ�� admin-keyfile�̶�� Ͽ� ��˴ϴ�. �⺻��8�� ڴ� Application Server�� d�� ִ� ��; f��ϴ� asadmin �׷쿡 ��մϴ�. ��ڿ�� Application Server�� ; �ο�� 쿡�� ڸ� �� ׷쿡 �Ҵ��մϴ�.

��ڸ� admin-realm �� ߰��ϰ� ��ڸ� asadmin �̿�� ׷쿡 ��d�� d�� admin-keyfile�̶�� Ͽ� �� ϵ�� ڴ� �� file �� ?� �wα׷�� ׼�� ִ� �� 4ϴ�.

�� ⸦ �� ο� ��ڸ� admin-realm �� ߰��մϴ�.

�� ̵�, ��й�ȣ �� ׷� �� ʵ忡 dȮ�� d�� Է��մϴ�. ��ڿ�� Application Server�� d�� ִ� ��; �ο��Ϸx� �׷� ��Ͽ�� asadmin �׷�; ��Խ�ŵ�ϴ�.

Ȯ��; �� ڸ� admin-realm �� ߰��ϰų� ��Ҹ� �� ʰ� ��մϴ�.

�� ܼ� �۾�

��

Application Server�� file, certificate �� admin-realm�� ̸� ��Ǿ� �ֽ4ϴ�. ldap, solaris �� d�� ; �� ֽ4ϴ�. �Ϲ��8�� /�� ִµ�, Application Server�� file �� admin-realm�� ֽ4ϴ�. �̴� �� ٸ� �뵵�� /�� Դϴ�. �ý�� ٸ� �� ͺ��̽�� /�� ֽ4ϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

�� 带 ��մϴ�.

�� ⸦ ��ϴ�.

�� ǥ�õ˴ϴ�.

�̸� �ʵ忡 �� ̸�; �Է��մϴ�.

�� Ŭ�� ̸�; ��d�մϴ�. /ȿ�� ׸�� ǥ 14-3�� ǥ�õǾ� �ֽ4ϴ�.

ǥ 14-3 �� Ŭ�� ̸�� /ȿ��
�� ̸�	Ŭ�� ̸�
`file`	`com.sun.enterprise.security.auth.realm.file.FileRealm`
`certificate`	`com.sun.enterprise.security.auth.realm.certificate.CertificateRealm`
`ldap`	`com.sun.enterprise.security.auth.realm.ldap.LDAPRealm`
`solaris`	`com.sun.enterprise.security.auth.realm.solaris.SolarisRealm`
custom	�α�� Ŭ�� ̸�

�� ʼ� �� d�� ϴ� �� d�� ߰��մϴ�.

�� d�� ߰��Ϸx� ��= �۾�; ��մϴ�.

�� d�� ߰�� ϴ�.

�̸� �ʵ忡 �� d�� ̸�; �Է��մϴ�.

file �� d�� : "File �� admin-realm �� "; ��v�Ͻʽÿ�.

certificate �� d�� : "�� "; ��v�Ͻʽÿ�.

ldap �� d�� : "Ldap �� "�� v�Ͻʽÿ�.

solaris �� d�� : "Solaris �� "�� v�Ͻʽÿ�.

custom �� d�� : "�� d�� "�� v�Ͻʽÿ�.

�� ʵ忡 �ش� �� d�� ; �Է��մϴ�.

Ȯ��; ��ϴ�.

Ldap ��

Ldap ��: LDAP �� d�� Ͽ� ��; ��մϴ�. �� d�� ̵�, ��й�ȣ �� ڰ� �� ׷�� Ե˴ϴ�. LDAP ��; ��Ϸx� LDAP ��丮�� ׷�; �̹� d��߾�� մϴ�.

LDAP ��; ��x� ��ο� ��; �߰��ϴ� �� ʿ�� "�� " �ܰ踦 ��ϰ� ǥ 14-4�� ǥ�õ� �� d�� ߰��մϴ�.

ǥ 14-4 `Ldap` �� ʼ� �� d��
�� d�� ̸�	��	��
��丮	��丮 �� LDAP URL�Դϴ�.	`ldap://`hostname`:`port �� LDAP URL ��: `ldap://myldap.foo.com:389`.
base-dn	Ʈ�� ' �˻�; �� 'ġ�� ⺻ ��/ �̸�(DN)�Դϴ�. �� 'ġ�� ̻��  ��̳� ��մϴ�. �˻� Ʈ�� ۰� �Ҽ�� ~��ϴ�.	�˻�� . ��: `dc=siliconvalley, dc=BayArea, dc=sun, dc=com`.
jaas-context	�ش� ��; ��ϴ� �α�� /��Դϴ�.	`ldapRealm`�̾�� մϴ�.

ǥ 14-5 `ldap` �� d��
�� d�� ̸�	��	�⺻��
search-filter	��ڸ� ã�� '�� ϴ� �˻� ��Դϴ�.	`uid=%s`(`%s`�� f �̸�8�� Ȯ��)
group-base-dn	�׷� �� 'ġ�� ⺻ DN�Դϴ�.	`base-dn`�� ʿ�� vd�� ֽ4ϴ�.
group-search-filter	�� ׷� ��; ã�� '�� ˻� ��Դϴ�.	`uniquemember=%d`(`%d`:(��) �� DN8�� Ȯ��)
group-target	�׷� �̸� �׸�; ��ϴ� LDAP �Ӽ� �̸��Դϴ�.	CN
search-bind-dn	�˻� �� vȸ�� ϱ� '�� 丮 �� DN�Դϴ�. �͸�� ˻�; �� ʴ� ��丮�� ʿ��մϴ�.
search-bind-password	`search-bind-dn`�� d�� DN�� LDAP ��й�ȣ�Դϴ�.

��:

�� , LDAP ��丮�� LDAP �� Joe Java�� =�� d�ǵǾ� �ִٰ� ��d�մϴ�.

Ldap ��; ��ų� �� ڵ带 ��ϸ� ǥ 14-6�� ǥ�õ� ��; �Է�� ֽ4ϴ�.

ǥ 14-6 �� `ldap` ��
�� d�� ̸�	�� d��
`directory`	�� LDAP URL ��: `ldap://ldap.acme.com:389`
`base-dn`	`ou=People,dc=acme,dc=com`. �� Ʈ ��d�� ֽ4ϴ�(��: dc=acme, dc=com). �׷�� ˻�� Ʈ�� : �κ�; �� ϴ�.
`jaas-context`	`ldapRealm`

Solaris ��

Solaris ��: �ý�� Ȯ�� ⺻ Solaris �� ͺ��̽�� ׷� d�� n�ɴϴ�. Solaris ��: ��; '�� ⺻ PAM ��ݱ�v�� ȣ��մϴ�. �� PAM ��⿡ ��Ʈ �� ʿ�� ; ��Ϸx� ��; ��Ʈ�� ؾ� �մϴ�. �ڼ�� : Solaris ��?�� κ�; ��v�Ͻʽÿ�.

Solaris �� α�� /��; ��d�ϴ� �ϳ�� ʼ� �� d�� jaas-context�� ֽ4ϴ�. �� d�� : solarisRealm�̾�� մϴ�.

�� d��

�� ⺻ f�� ܿ� �� ͸� �ٸ� ��(��: �� ͺ��̽�)8�� ϴ� �� d�� ; �� ֽ4ϴ�. �� d�� : �� ٷ�� ʽ4ϴ�. �ڼ�� : Application Server Developer's Guide�� Securing Applications ��; ��v�Ͻʽÿ�.

��ڷμ� �⺻��8�� ˾ƾ� �� : JAAS(Java Authentication and Authorization Service) ��Ű�� Ļ�� LoginModule�̶�� ϴ� Ŭ�� d�� ; ��Ѵٴ� a�Դϴ�.

Application Server�� d�� ; ��ϵ�� Ϸx� ��= �۾�; ��մϴ�.

�� d�� ̸�� LoginModule Ŭ�� ̸�; �Է��Ͽ� "�� "�� մϴ�. �� d�� /�� ̸�(��: myCustomRealm); �� ֽ4ϴ�.

ǥ 14-7�� ǥ�õ� �� d�� ߰��մϴ�.

ǥ 14-7 �� d�� /ȿ�� d��
�� d�� ̸�	�� d��
jaas-context	`LoginModule` Ŭ�� ̸�(��: `simpleCustomRealm`)�Դϴ�.
auth-type	�� (��: "�� d�� ")�Դϴ�.

Ȯ��; ��ϴ�.

��=�� α�� install_dir/domains/domain_name/config/login.conf�� ϰ� �� JAAS LoginModule�� d��ȭ�� Ŭ�� ̸�; �߰��մϴ�.


realmName {
 fully-qualified-LoginModule-classname required;
};

�� ,


myCustomRealm {
 com.foo.bar.security.customrealm.simpleCustomLoginModule required;
};

LoginModule Ŭ�� ~�� Ŭ�� install_dir/domains/domain_name/lib/classes ��丮�� մϴ�.

�ֿܼ� �ٽ� ��ؾ� �� ǥ�õǸ� �� ٽ� ��մϴ�.

�� f�� ε�Ǿ�� Ȯ��մϴ�.

install_dir/domains/domain_name/logs/server.log�� Ȯ��Ͽ� �� ; �ε��ߴ�� Ȯ��մϴ�. �� init() �޼ҵ带 ȣ��ؾ� �մϴ�.

��

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

��x �� ̸�; ��մϴ�.

�� ǥ�õ˴ϴ�.

��x �� d�� d�� ; ��ϴ� �� մϴ�.

File �� d�� ڼ�� : "File �� admin-realm �� "; ��v�Ͻʽÿ�. File �� ڸ� ��Ϸx� �� ư; ��ϴ�. �ڼ�� : "File �� "�� v�Ͻʽÿ�.

Certificate �� d�� ڼ�� : "�� "; ��v�Ͻʽÿ�.

�ٸ� �� d�� ߰��Ϸx� �� d�� ߰� ��ư; ��ϴ�. �� ο� �� ǥ�õ˴ϴ�. /ȿ�� d�� ̸�� d�� ; �Է��մϴ�. �� ִ� �� d�� : ��= ǥ�� v�Ͻʽÿ�.

ǥ 14-4, Ldap �� ʼ� �� d��

ǥ 14-5, ldap �� d��

ǥ 14-7, �� d�� /ȿ�� d��

ǥ 14-8, File �� ʼ� �� d��

ǥ 14-9, certificate �� d��

��; �� ; ��մϴ�.

File �� admin-realm ��

�� , �׷� �� й�ȣ d�� file �� keyfile�̶�� Ͽ�, admin-realm�� admin-keyfile�̶�� Ͽ� ��մϴ�. �� file �� d�� Ű �� 'ġ�� d�մϴ�. ǥ 14-8�� file �� ʼ� �� d�� մϴ�.

ǥ 14-8 File �� ʼ� �� d��
�� d�� ̸�	��	�⺻��
file	Ű �� ü �� ̸��Դϴ�.	install_dir`/domains/`domain-name`/ config/keyfile`
jaas-context	�ش� ��; ��ϴ� �α�� /��Դϴ�.	`fileRealm`�� /ȿ�� Դϴ�.

keyfile: ó=�� ־ file ��; ��Ϸx� ��ڸ� �߰��ؾ� �մϴ�. �ڼ�� : "File �� "�� v�Ͻʽÿ�.

admin-keyfile�� ó=�� ̸�, ��ȣȭ�� й�ȣ �� ڰ� �� ׷�(�⺻��8�� asadmin)�� ԵǾ� �ֽ4ϴ�. ��ڸ� admin-realm�� ߰��ϴ� �� ڼ�� : "�� ׼�� f��"�� v�Ͻʽÿ�.

��: admin-realm�� ִ� asadmin �׷�� ڴ� �� ְܼ� asadmin �� ִ� �� ֽ4ϴ�. �� ִ� ��ڸ� �� ׷쿡 �߰��մϴ�.

NSS(Network Security Services)�� Ͽ� ��

Enterprise Edition�� 쿡�� "File �� "�� ܼ�; ��Ͽ� ��ڸ� ��ϰų� NSS �� Ͽ� ��ڸ� �� ֽ4ϴ�. NSS(Network Security Services)�� ; ��ϴ� Ŭ��̾�Ʈ �� ?� �wα׷�� ÷�� ; ��ϱ� '�� ̺귯�� Դϴ�. NSS�� ?� �wα׷�: SSL v2 �� v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 �� Ÿ �� ǥ��; �� ֽ4ϴ�. �ڼ�� : ��= URL ��ũ�� v�Ͻʽÿ�.

http://www.mozilla.org/projects/security/pki/nss/�� NSS(Network Security Services)

http://www.mozilla.org/projects/security/pki/nss/tools/�� NSS ��

http://www.mozilla.org/projects/security/pki/nss/overview.html�� NSS ��

File ��

�� ܼ�; ��Ͽ� file �� ڸ� ��մϴ�. File �� ڿ� �׷�: file �� d�� 'ġ�� d�� Ű ��Ͽ� ��˴ϴ�.

��: �� ܰ踦 ��Ͽ� admin-realm; �� ڸ� �߰�� ֽ4ϴ�. �� v�� file �� ̸�8�� ü�ϱ⸸ �ϸ� �˴ϴ�.

File �� ڴ� �� Ư��8�� з�� J2EE �׷��� ֽ4ϴ�. �� , �� ŷ� �?� �wα׷�� ?: CUSTOMER �׷쿡 �� , �뷮 �Һ��ڴ� PREFERRED �׷쿡 �� ֽ4ϴ�. ��ڸ� �׷�8�� ȭ�ϸ� ��: �� ׼�� f�� ֽ4ϴ�.

Application Server ��ġ �� ó=�� ġ �߿� �Է�� ڸ�� /�� Դϴ�. �⺻��8�� ڴ� Application Server�� d�� ִ� ��; f��ϴ� admin-realm �� asadmin �׷쿡 ��մϴ�. �� ׷쿡 ��d�� ڴ� �� Ư��; �� ˴ϴ�. ��, asadmin �� ֿܼ� �׼�� ִ� ��; ��4ϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

File ��带 ��մϴ�.

��ڸ� �߰�, ��d, ��f�Ϸx� �� ư; ��ϴ�.

�� ǥ�õ˴ϴ�. �� = �۾�; ��մϴ�.

�� ߰�

��

�� f

�� ߰�

�� ⸦ �� ο� ��ڸ� file �� ߰��մϴ�.

�� = d�� Է��մϴ�.

�� ̵�(�ʼ�) - ��̵��Դϴ�.

��й�ȣ(�ʼ�) - �� й�ȣ�Դϴ�.

��й�ȣ Ȯ��(�ʼ�) - ��; '�� ٽ� �Է�� й�ȣ�Դϴ�.

�׷� ��(�� ) - ��ǥ�� ڰ� ��ϴ� �׷� ��Դϴ�. �� ׷�; �ٸ� �� d�� ʿ�� 4ϴ�.

Ȯ��; �� ڸ� file �� Ͽ� �߰��մϴ�. ��Ҹ� �� ʰ� ~��մϴ�.

��

�� ̵� �� d�� ̵� ��ϴ�.

�� ǥ�õ˴ϴ�.

��й�ȣ �ʵ�� й�ȣ Ȯ�� ʵ忡 ��ο� ��й�ȣ�� Է��Ͽ� �� й�ȣ�� մϴ�.

�׷� �� ʵ忡�� ׷�; �߰��ϰų� ��f�Ͽ� ��ڰ� �� ׷�; ��մϴ�. �׷� �̸�; ��ǥ�� մϴ�. �׷�; �� d�� ʿ�� 4ϴ�.

��; �� ڸ� file �� Ͽ� ��մϴ�. �ݱ⸦ �� ʰ� ~��մϴ�.

�� f

��f�� ̵� ��ʿ� �ִ� Ȯ�ζ�; ��մϴ�.

��f�� ϴ�.

�ݱ⸦ �� ư��ϴ�.

��

Certificate ��: SSL ��; ��մϴ�. �� : Application Server�� ؽ�Ʈ�� ̵� ��d�ϰ�, truststore �� keystore �� ȣ�� Ȯ�ε� Ŭ��̾�Ʈ �� : �� ͷ� �̸� ä��ϴ�("�� d��" ��v). certutil; ��Ͽ� �� Ͽ� ��ڸ� �߰��մϴ�. Certificate ��; ��Ͽ� J2EE ��̳ʴ� �� / �̸�(DN); ��8�� ó�� մϴ�. ��/ �̸�(DN): �� Ű�� ĺ��ϴ� ��ƼƼ �̸��Դϴ�. �� ̸�� X.500 ǥ��; ��ϹǷ� ��ͳݿ�� /�մϴ�. Keystores �� truststores�� ڼ�� : "CertUtil /ƿ��Ƽ d��"�� certutil ��?�� v�Ͻʽÿ�.

ǥ 14-9 `certificate` �� d��
�� d��	��
assign-groups	��ǥ�� ׷� �̸� ��. /ȿ�� f��ϴ� �� Ŭ��̾�Ʈ�� ׷쿡 �Ҵ�˴ϴ�. �� , �� ׷�� ̸�� `employee,manager`�Դϴ�.
jaas-context	�ش� ��; ��ϴ� �α�� /��Դϴ�. `Certificate` �� : `certificateRealm`�̾�� մϴ�.

��ȣ ��

�� ?� �wα׷�� ȣ �� Ȱ��ȭ

�?� �wα׷�� ȣ SSL �� Ȱ��ȭ

��ȣ �� Ŭ��̾�Ʈ�� Ȱ��ȭ�Ǿ� �ֽ4ϴ�. ��ȣ ��; �׽�Ʈ�Ϸx� /ȿ�� Ŭ��̾�Ʈ�� ־�� մϴ�. ��ȣ �� ڼ�� : ��= 'ġ�� ִ� J2EE 1.4 Tutorial�� Security ��; ��v�Ͻʽÿ�.

�� ?� �wα׷�� ȣ �� Ȱ��ȭ

Application Server�� HTTPS ��; '�� certificate ��; ��մϴ�.

�� ; ��ϴ� �� ?� �wα׷�� ȣ ��; ��d�Ϸx� ��= �ܰ踦 ��մϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

Certificate ��; ��մϴ�.

�� d�� ߰� ��ư; ��ϴ�.

�̸� �ʵ忡 clientAuth�� Է��մϴ�.

�� ʵ忡 true�� Է��մϴ�.

��; ��ϴ�.

�ֿܼ� �ٽ� ��ؾ� �� ǥ�õǸ� Application Server�� ٽ� ��մϴ�.

�� ٽ� �� , certificate ��; ��ϴ� �� ?� �wα׷�� Ŭ��̾�Ʈ �� ʿ��մϴ�.

�?� �wα׷�� ȣ SSL �� Ȱ��ȭ

Ưd �?� �wα׷�� ȣ ��; Ȱ��ȭ�Ϸx� deploytool; ��Ͽ� �� ; Client-Certificate�� d�մϴ�. deploytool ��뿡 �� ڼ�� : ��= 'ġ�� ִ� J2EE 1.4 Tutorial�� Security ��; ��v�Ͻʽÿ�.

�� f

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

�� 带 ��մϴ�.

��f�� ִ� Ȯ�ζ�; ��մϴ�.

��f�� ϴ�.

�⺻ �� d

�⺻ ��: �?� �wα׷�� ڿ�� ; ��d�� : �� Application Server�� ο�� '�� ϴ� ��Դϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 ��մϴ�.

�� ǥ�õ˴ϴ�.

�⺻ �� ʵ�� Ӵٿ� ��Ͽ�� ϴ� ��; ��մϴ�.

�� ; ��Ϸx� ��; ��, �� ; ��f�ϰ� Application Server �⺻��; ��Ϸx� �⺻�� ε带 ��ϴ�.

�ֿܼ� �ٽ� ��ؾ� �� ǥ�õ� �� ٽ� ��մϴ�.

JACC ��ڿ� �� ܼ� �۾�

JACC �� ۼ�

JACC(Java Authorization Contract for Containers)�� ÷�� ο� �� ̽�� d��ϴ� J2EE 1.4 �� Ϻ��Դϴ�. JACC�� ϸ� ��ڴ� Ÿ�� �÷�� ��; �� ο�� ϵ�� d�� ֽ4ϴ�. �⺻��8�� Application Server�� JACC ȣȯ �� ο� ��; f��մϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

JACC �� 带 ��մϴ�.

JACC �� ⸦ ��ϴ�.

JACC �� =; �Է��մϴ�.

�̸� - �� ڸ� �ĺ��ϱ� '�� ϴ� �̸��Դϴ�.

då �� - då �� 丮�� ϴ� Ŭ�� ̸��Դϴ�. �⺻ ��ڴ� com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl; ��մϴ�.

då �� - då ��丮�� ϴ� Ŭ�� ̸��Դϴ�. �⺻ ��ڴ� com.sun.enterprise.security.provider.PolicyWrapper�� մϴ�.

�� d�� ߰� ��ư; �� d�� ڿ� �߰��մϴ�. /ȿ�� d�� =�� 4ϴ�.

repository: då ��; ��ϴ� ��丮�Դϴ�. �⺻ �� : install_dir/domains/domain_dir/generated/policy�Դϴ�.

�� ; ��Ϸx� Ȯ��; ��, �� ʰ� ��Ϸx� ��Ҹ� ��ϴ�.

JACC ��

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

JACC �� 带 Ȯ��մϴ�.

�� JDBC �� 带 ��մϴ�.

JACC �� ϴ� �� d�� d�մϴ�.

då �� - då �� 丮�� ϴ� Ŭ�� ̸��Դϴ�.

då �� - då ��丮�� ϴ� Ŭ�� ̸��Դϴ�.

�� d�� ߰��Ϸx� �߰� ��ư; ��ϴ�. �� d�� ̸�� ; �Է��մϴ�. /ȿ�� ׸�: ��=�� 4ϴ�.

repository: då ��; ��ϴ� ��丮�Դϴ�. �⺻ �� : ${com.sun.aas.instanceRoot}/generated/policy�Դϴ�.

��x �� d�� f�Ϸx� �� d�� ʿ� �ִ� Ȯ�ζ�; �� = �� d�� f�� ϴ�.

��Ϸx� ��; ��, �� ʰ� ��Ϸx� �� ڷ� ��ư; ��ϴ�.

JACC �� f

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

JACC �� 带 ��մϴ�.

��f�� JACC �� ʿ� �ִ� Ȯ�ζ�; ��մϴ�.

��f�� ϴ�.

Ȱ�� JACC �� d

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 ��մϴ�.

�� ǥ�õ˴ϴ�.

JACC �ʵ忡 �� JACC �� ̸�; �Է��մϴ�.

�� JACC ��ڸ� �� Ʈ�� JACC �� Ҹ� Ȯ��Ͽ� �� JACC ��ڸ� �� ǥ��մϴ�.

�� ; ��Ϸx� ��; ��ϰ�, �⺻��8�� ư��x� �⺻�� ε带 ��մϴ�.

�ֿܼ� �ٽ� ��ؾ� �� ǥ�õǸ� Application Server�� ٽ� ��մϴ�.

�� ⿡ �� ܼ� �۾�

��

Application Server�� ⺻ �� ; f��մϴ�. �ڼ�� : "�⺻ �� "; ��v�Ͻʽÿ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

�� 带 ��մϴ�.

�� ⸦ ��ϴ�.

�� = d�� Է��մϴ�.

�̸� - �� ; �ĺ��ϱ� '�� ̸��Դϴ�.

Ŭ�� ̸� - �� ; ��ϴ� Ŭ�� d��ȭ�� ̸��Դϴ�. �⺻ �� Ŭ�� ̸�: com.sun.enterprise.security.Audit�Դϴ�.

JVM �� d�� ⿡ �߰��Ϸx� �� d�� ߰�� ϴ�. �� d�� ̸�� ; ��d�մϴ�. /ȿ�� d�� =�� 4ϴ�.

auditOn - �� Ŭ�� Ȱ��ȭ�� θ� ��d�մϴ�. /ȿ�� : true�� false�Դϴ�.

�Է�; ��Ϸx� Ȯ��; ��, �� ʰ� ��Ϸx� ��Ҹ� ��ϴ�.

��

�� : �⺻��8�� d�Ǿ� �� ʽ4ϴ�. �� Ȱ�� ڼ�� : "�� α� Ȱ�� Ȱ��ȭ"�� v�Ͻʽÿ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

�� 带 ��ϴ�.

�� ʿ�� Ŭ�� ̸�; ��d�մϴ�.

�߰� ��ư; ��ϰ� �� d�� ̸�� ; �Է��Ͽ� ��⿡ �� ߰� �� d�� Է��մϴ�. /ȿ�� d�� =�� 4ϴ�.

auditOn - �� ; �� θ� ��d�մϴ�. /ȿ�� : true�� false�Դϴ�.

��d�� ̸��̳� ��; ��ϰ� �ؽ�Ʈ �ʵ忡 �� ; ��b �Է��Ͽ� ��x �� d�� d�մϴ�.

�� d�� ʿ� �ִ� Ȯ�ζ�; ��ϰ� �� d�� f�� d�� f�մϴ�.

��Ϸx� ��; ��, �� ʰ� ��Ϸx� �� ڷ� ��ư; ��ϴ�.

�� f

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

�� 带 ��մϴ�.

��f�� ʿ� �ִ� Ȯ�ζ�; ��մϴ�.

��f�� ϴ�.

�� α� Ȱ�� Ȱ��ȭ

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 ��մϴ�.

�� ǥ�õ˴ϴ�.

�α�; ��Ϸx� �� α� Ȯ�ζ�; ��մϴ�. ��Ȱ��ȭ�Ϸx� Ȯ�ζ�; �� f�մϴ�. �� ɼ�; ��ϸ� �� ; �ε��ϰ� Application Server�� ̺귯�� a�� ; ȣ��մϴ�.

�� α�; �� "Ȱ�� d"�� ⺻ �� ; ��d�մϴ�.

��; ��Ͽ� �� ; ��մϴ�.

�ֿܼ� �ٽ� ��ؾ� �� ǥ�õǸ� Application Server�� ٽ� ��մϴ�.

Ȱ�� d

�� ʵ忡 �� ̸�; �Է��մϴ�(�� ; default�� ). �� auditOn�� "�⺻ �� "�� true�� d�Ǿ� �ִ�� Ȯ��մϴ�.

�� ; ��Ϸx� ��; ��ϰ�, ��Ϸx� �⺻�� ε带 ��մϴ�.

�ֿܼ� �ٽ� ��ؾ� �� ǥ�õǸ� Application Server�� ٽ� ��մϴ�.

�⺻ ��

default �� : �� ο� ��û; �� α� ��Ͽ� �α��մϴ�. �α� �� 'ġ ��濡 �� ڼ�� : "�Ϲ� �α� ��d ��"; ��v�Ͻʽÿ�.

��; �õ�� ̵�

�׼�� û; ó��

��û�� % �� URI �Ǵ� EJB ��

��û�� Ǵ� ��

�� α� �� ο� �� Application Server�� źε� �� ̺�Ʈ�� α��մϴ�.

�� ̵�

��û�� % URI �Ǵ� EJB ��

��û�� Ǵ� ��

�⺻ ��

�α� �� ܿ�� Ưd �ʼ� �� ⿡�� 䱸�ϴ� �� d�� d�մϴ�. �⺻ �� = �ܰ踦 ��մϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

Default ��带 ��ϴ�.

auditOn �� d�� ; true�� d�մϴ�.

��; ��Ͽ� �� ; ��մϴ�.

�ֿܼ� �ٽ� ��ؾ� �� ǥ�õǸ� Application Server�� ٽ� ��մϴ�.

Listener �� JMX Ŀ��Ϳ� �� ܼ� �۾�

HTTP Listener��

HTTP �� ϳ� �̻�� HTTP listener�� Ʈ��ũ ��; f��մϴ�. �� ܼ�; ��Ͽ� ��ο� HTTP listener�� x HTTP listener�� d; ��մϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

HTTP �� 带 Ȯ��մϴ�.

HTTP Listeners ��带 ��մϴ�.

HTTP listener�� Ͽ� ��x listener�� ϰų�, �� ⸦ �� "HTTP Listener ��"�� Ͽ� listener�� ϴ�.

"Listener �� d�� d"�� Ͽ� �� d�� d�մϴ�.

�� ; ��Ϸx� ��; ��, �� ʰ� ��Ϸx� �� ڷ� ��ư; ��ϴ�.

IIOP Listener��

Application Server�� CORBA(Common Object Request Broker Architecture) ��ü�� մϴ�. �� ü�� IIOP(Internet Inter-Orb Protocol)�� Ͽ� ��Ʈ��ũ�� մϴ�. IIOP listener�� EJB�� Ŭ��̾�Ʈ�� ٸ� CORBA �� Ŭ��̾�Ʈ�� 4� ��; �޾Ƶ��Դϴ�. �� ܼ�; ��Ͽ� ��ο� IIOP listener�� x IIOP listener�� d; ��մϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

ORB ��带 Ȯ��մϴ�.

IIOP Listeners ��带 ��մϴ�.

IIOP listener�� Ͽ� �ش� listener�� ϰų�, �� ⸦ �� "IIOP Listener ��"�� Ͽ� listener�� ϴ�.

"Listener �� d�� d"�� Ͽ� �� d�� d�մϴ�.

��; �� ; ��ϰų�, �⺻�� ε带 �� d�� ⺻��8�� մϴ�.

�� JMX Ŀ��Ϳ� ��

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

�� 带 Ȯ��մϴ�.

��d�� 񽺸� ��մϴ�.

"Listener �� d�� d"�� Ͽ� �� d�� d�մϴ�.

��; �� ; ��ϰų�, �⺻�� ε带 �� d�� ⺻��8�� մϴ�.

Listener �� d�� d

HTTP listener, IIOP listener �� JMX Ŀ�� d�� d�ϱ� '�� = �� մϴ�.

HTTP Listener ��, IIOP Listener �� Ǵ� JMX Ŀ�� SSL ��8�� ̵��մϴ�.

�� ʵ忡�� Ȯ�ζ�; ��Ͽ� �� listener�� ; ��մϴ�. �� ɼ�; ��ϸ� SSL3 �Ǵ� TLS�� Ͽ� ��ϴ� �� /��; ��d�ϰ� �� ; �Է��ؾ� �մϴ�.

�� Listener�� Ŭ��̾�Ʈ�� ڽ�; Application Server�� Ϸx� Ŭ��̾�Ʈ �� ʵ忡�� Ȯ�ζ�; ��մϴ�.

�� Ȯ�ζ�; �� Ī �ʵ忡 keystore ��Ī; �Է��մϴ�. Keystore ��Ī: ��x �� Ű �ְ� �� ĺ��ϴ� �� Դϴ�. �⺻ keystore�� : s1as�Դϴ�.

�� ; ã�ƺ��x� "CertUtil /ƿ��Ƽ d��"�� certutil /ƿ��Ƽ�� մϴ�.

�� Ȯ�ζ�; �� SSL3 �Ǵ� TLS�� մϴ�. �⺻��8�� SSL3�� TLS�� Ȱ��ȭ�Ǿ� �ֽ4ϴ�.

�ʿ�� ȣȭ �׷�; Ȱ��ȭ�մϴ�. �⺻��8�� Ǵ� ��ȣ �׷�� Ȱ��ȭ�Ǿ� �ֽ4ϴ�. ��ȣ�� "��ȣȭ d��"�� մϴ�.

�� ; ��Ϸx� ��; ��ϰ�, ��Ϸx� �⺻�� ε带 ��մϴ�.

�� ܼ� �� ۾�

�� (SSO) ��

�� ; ��ϸ� �?� �wα׷�� α׿�; �� ־�� ʿ�� ?� �wα׷�� α׿� d�� /�� ֽ4ϴ�. �� ; ��ϴ� �?� �wα׷�: ��ڸ� �� ϰ� �� d�� ٸ� �� õ� �?� �wα׷�� մϴ�.

��: �� ¿�� HTTP ��Ű�� Ͽ� �� û; �� ̵�� Ű�� ū; ��մϴ�. �� Ŭ��̾�Ʈ�� Ű�� 쿡�� ; �� ֽ4ϴ�.

��ڰ� % �?� �wα׷�� ȣ�� ڿ� �׼�� ش� % �?� �wα׷�� d�ǵ� ��; ��Ͽ� ��ڰ� �ڽ�; �� ; �䱸�մϴ�.

�� Ǹ� Application Server�� ڰ� �� ?� �wα׷� �� ڽ�; �� ʿ� �� % �?� �wα׷�� ; ��d�� ڿ� �� ; ��մϴ�.

��ڰ� �ϳ�� % �?� �wα׷�� 8�� Ǵ� �� α׾ƿ�� % �?� �wα׷�� ȿȭ�˴ϴ�. ��, �� ?� �wα׷�� ȣ�� ڿ� �׼��Ϸx� �α��ؾ� �մϴ�.

Application Server�� ⺻��8�� Ȱ��ȭ�Ǿ� �ֽ4ϴ�. �� ; ��Ȱ��ȭ�ϰų� �ٸ� �� d�� Ϸx� ��= �ܰ踦 ��մϴ�.

�� ܼ� Ʈ�� ҿ�� 带 Ȯ��մϴ�.

�� ν��Ͻ�� Ȯ��մϴ�.

Ưd �ν��Ͻ�� Ϸx� �ش� �ν��Ͻ�� 带 ��մϴ�. �� ⺻ �ν��Ͻ�� server�� server-config ��带 Ȯ��մϴ�.

�� ν��Ͻ�� ⺻ ��d; ��Ϸx� default-config ��带 Ȯ��մϴ�.

HTTP �� 带 Ȯ��մϴ�.

�� 带 Ȯ��ϰ�, �� ; '�� մϴ�.

�� d�� ߰�� ϴ�.

�� Ʒ�� d�� ׸�� ߰��˴ϴ�.

�̸� �ʵ忡 sso-enable; �Է��մϴ�.

��Ȱ��ȭ�� ʵ忡 false�� Է��ϰ�, SSO�� Ȱ��ȭ�Ϸx� true�� Է��մϴ�. SSO�� ⺻��8�� Ȱ��ȭ�Ǿ� �ֽ4ϴ�.

�� d�� ߰�� SSO �� d�� Ͽ� �ٸ� �� d�� ߰��ϰų� ��մϴ�. /ȿ�� SSO �� d�� ǥ 14-10�� մϴ�.

ǥ 14-10 �� SSO �� d��
�� d�� ̸�	��	��
sso-max-inactive-seconds	Ŭ��̾�Ʈ �۾�� ŵ�� ʴ� �� ڵ带 f�� ؾ� �ϴ� �ð�(��)�Դϴ�. �� ִ� � �?� �wα׷��̶� �ϴ� �׼��ϸ� �� ڵ�� Ȱ��ȭ�� /��˴ϴ�.	�⺻��: 300��(5��)�Դϴ�. �� : ��; ��ϸ� �� Ӽ�� : �޸𸮸� ��մϴ�.
sso-reap-interval-seconds	�� ڵ带 f��ϴ� ��(��)�Դϴ�.	�⺻��: 60�Դϴ�.

��; ��ϴ�.

�ֿܼ� �ٽ� ��ؾ� �� ǥ�õǸ� Application Server�� ٽ� ��մϴ�.

Ŀ�� Ǯ�� ܼ� �۾�

Ŀ�� Ǯ d��

Ŀ�� (�ڿ� ��Ͷ�? ��); ��ϸ� J2EE �?� �wα׷�� EIS(Enterprise Information Systems)�� ȣ �ۿ�� ֽ4ϴ�. Ŀ�� ڿ�: �?� �wα׷�� EIS�� ; f��մϴ�. Ŀ�� Ǯ: Ưd EIS�� ׷��Դϴ�.

�� ; ��ϸ� J2EE �� ׷�� EIS �� ׷� �� ; �ۼ�� ֽ4ϴ�. �� ܼ�; ��Ͽ� Ŀ�� Ǯ�� ; �ۼ�, ��Ʈ, �� f�մϴ�.

��: �� ؽ�Ʈ�� ڴ� �⺻��̶�? �մϴ�. EIS(Enterprise Information System)�� d�� ִ� �ý��Դϴ�. ��w��, �޽�¡ �ý��, ��ͺ��̽� �ý�� Ǵ� �?� �wα׷��Դϴ�.

�� d��

�� ; ��Ͽ� �?� �wα׷�(�⺻�� Ǵ� �� ׷�)�� ȣ�� ̵� ��̳� �� Ʈ�� ó�� EIS �⺻��8�� մϴ�. �?� �wα׷� �⺻�� EIS�� û; ��ϸ� Application Server�� Ŀ�� Ǯ�� d�ǵ� �� ; ��Ͽ� dȮ�� ⺻��; Ȯ��ؼ� ��ε� �鿣�� EIS �⺻��; Ȯ��մϴ�. dȮ�ϰ� ��ġ�ϴ� �� 8�� Application Server�� ϵ�ī�� ; ��Ͽ� ��ε� �鿣�� EIS �⺻��; Ȯ��մϴ�. EIS�� Ưd ��̵�� ؾ� �� EIS �۾�; �?� �wα׷� ��ڰ� ��ؾ� �� ; ��մϴ�.

��

Ŀ�� Ǯ�� : ��ڿ� �׷�(�⺻��); EIS �⺻�� մϴ�. EIS�� Ưd ��̵� �ʿ�� EIS �۾�; �?� �wα׷� ��ڰ� ��ؾ� �� ; ��մϴ�.

�ڿ� ��带 Ȯ��մϴ�.

Ŀ�� 带 Ȯ��մϴ�.

Ŀ�� Ǯ ��带 ��մϴ�.

�� Ǯ ��Ͽ�� ̸�; ��Ͽ� Ŀ�� Ǯ; ��ϰų�, �� Ǯ ��Ͽ�� ⸦ ��ϰ� "Ŀ�� Ǯ ��"�� ħ; ��Ͽ� ��ο� Ŀ�� Ǯ; ��ϴ�.

�� մϴ�.

�� ⸦ �� ο� �� ; ��ϴ�.

�� = �� d�� Է��մϴ�.

�̸� - �� Ưd �� ; ��v�ϱ� '�� ̸�; �Է��մϴ�.

�� ׷� - �ش��ϴ� EIS �⺻�� εǴ� �?� �wα׷�� ȣ�� ̵��Դϴ�. ��ǥ�� е� �?� �wα׷�� ׷� ��; �Է��ϰų�, ��ϵ�ī�� ǥ(*)�� Է��Ͽ� �� ڳ� �� ׷�; ǥ��մϴ�. �⺻ �Ǵ� �� ׷� �ɼ� �� ϳ��; ��d�մϴ�.

�⺻�� - �� EIS �⺻�� εǴ� �?� �wα׷�� ȣ�� ̵��Դϴ�. ��ǥ�� е� �?� �wα׷�� ⺻�� ; �Է��ϰų�, ��ϵ�ī�� ǥ(*)�� Է��Ͽ� �� ⺻��; ǥ��մϴ�. �⺻ �Ǵ� �� ׷� �ɼ� �� ϳ��; ��d�մϴ�.

�鿣�� ⺻�� ǿ� ��= �� d�� Է��մϴ�.

��̵� - EIS ��̵� �Է��մϴ�. EIS(Enterprise Information System)�� d�� ִ� �ý��Դϴ�. ��w��, �޽�¡ �ý��, ��ͺ��̽� �ý�� Ǵ� �?� �wα׷��Դϴ�.

��й�ȣ - EIS �� й�ȣ�� Է��մϴ�.

Ȯ��; �� ; ��ų�, ��Ҹ� �� ʰ� ��մϴ�.

��

��d�� Ŀ�� Ǯ�� ; ��d�Ϸx� ��= �ܰ踦 ��մϴ�.

�ڿ� ��带 Ȯ��մϴ�.

Ŀ�� 带 Ȯ��մϴ�.

Ŀ�� Ǯ ��带 ��մϴ�.

�� Ǯ ��Ͽ�� ̸�; ��Ͽ� Ŀ�� Ǯ; ��մϴ�.

�� մϴ�.

�� Ͽ�� ; ��մϴ�.

�� ʿ�� = �� d�� d�մϴ�.

�鿣�� ⺻�� ǿ� ��= �� d�� Է��մϴ�.

��й�ȣ - EIS �� й�ȣ�� Է��մϴ�.

��; �� ; ��մϴ�.

/�� asadmin ��: list-connector-security-maps, update-connector-security-maps

�� f

��d�� Ŀ�� Ǯ�� ; ��f�Ϸx� ��= �ܰ踦 ��մϴ�.

�ڿ� ��带 Ȯ��մϴ�.

Ŀ�� 带 Ȯ��մϴ�.

Ŀ�� Ǯ ��带 ��մϴ�.

�� Ǯ ��Ͽ�� ̸�; ��Ͽ� Ŀ�� Ǯ; ��մϴ�.

�� մϴ�.

�� f�� ̸� ��ʿ� �ִ� Ȯ�ζ�; ��մϴ�.

��f�� ϴ�.

�� SSL �۾�

�� d��

Application Server�� ġ�ϸ� �� ׽�Ʈ�� NSS ��8�� ˴ϴ�. �⺻��8�� Application Server�� install_dir/domains/domain_name/config ��丮�� Ͽ� �� d�� մϴ�.

Keystore �� - �⺻��8�� d�� key3.db�� Application Server�� Ű�� Ͽ� �ش� �� Ե˴ϴ�. Keystore ��: ��й�ȣ�� ȣ�˴ϴ�. asadmin change-master-password ��; ��Ͽ� ��й�ȣ�� մϴ�. certutil�� ڼ�� : "CertUtil /ƿ��Ƽ d��"�� v�Ͻʽÿ�.

Trust-store �� - �⺻��8�� d�� cert8.db�� ٸ� �׸�� Ű�� Ͽ� Application Server�� Ʈ��Ʈ�� Ե˴ϴ�. Ʈ��Ʈ�� Ű�� /�ڿ�� ϴ�� Ȯ��߽4ϴ�. �Ϲ��8�� Ʈ��Ʈ�� (CA)�� Ե˴ϴ�.

Platform Edition�� Application Server�� keytool; ��Ͽ� �� keystore�� ϴ� JSSE ��; ��մϴ�. Enterprise Edition�� Application Server�� certutil; ��Ͽ� �� Ű�� ϴ� NSS ��ͺ��̽�� ϴ� NSS�� մϴ�. �� Edition�� Ŭ��̾�Ʈ��(appclient �Ǵ� �� )�� JSSE ��; ��մϴ�.

�⺻��8�� Application Server�� ?� �wα׷�� ۵��ϰ� �� 뵵�� keystore �� truststore�� Ǿ� �ֽ4ϴ�. �۾�; '�� Ī; ��ϰų�, �ٸ� �� truststore�� ߰��ϰų�, keystore �� trust-store �� ̸� �Ǵ� 'ġ�� ֽ4ϴ�.

�� 'ġ ��

��; '�� f�� keystore �� trust-store ��: install_dir/domains/domain_name/config ��丮�� ˴ϴ�. Keystore �� trust-store �� ̸� �� 'ġ�� Ϸx� ��= �ܰ踦 ��մϴ�.

�� ܼ� Ʈ�� ; Ȯ��մϴ�.

Server-config(Admin Config) ��带 Ȯ��մϴ�.

JVM ��d ��带 ��մϴ�.

JVM �ɼ� ��; ��ϴ�.

JVM �ɼ� �� ʵ忡�� = ��; �߰��ϰų� ��d�Ͽ� �� ο� 'ġ�� ݿ��մϴ�.


-Dcom.sun.appserv.nss.db=${com.sun.aas.instanceRoot}/NSS_database_directory

��⼭ ks_name: keystore �� ̸��̰� ts_name: trust-store �� ̸��Դϴ�.

��; ��ϴ�.

�ֿܼ� �ٽ� ��ؾ� �� ǥ�õǸ� Application Server�� ٽ� ��մϴ�.

Ű �� /ƿ��Ƽ d��

Keytool; ��Ͽ� Platform Edition�� JSSE �� d �� ۾��մϴ�. J2SE SDK�� keytool�� Բ� f��ǹǷ� ��ڰ� ��/�� Ű �� ֽ4ϴ�. ��ڰ� �� Ǿ�� Ű�� 8�� ĳ�� ֽ4ϴ�.

keytool; ��Ϸx� J2SE /bin ��丮�� ο� �ֵ�� ȯ��; ��ϰų� �� ü ��θ� ��ٿ�� f��ؾ� �մϴ�. keytool�� ڼ�� : ��= 'ġ�� ִ� keytool ��?�� v�Ͻʽÿ�.

CertUtil /ƿ��Ƽ d��

Certutil; ��Ͽ� Enterprise Edition�� NSS �� d �� ۾��մϴ�. �� ͺ��̽� �� certutil: Netscape Communicator cert8.db �� key3.db ��ͺ��̽� ��; �ۼ� �� d�� ִ� �� /ƿ��Ƽ�Դϴ�. �� cert8.db �� , ��, ��d �Ǵ� ��f�ϰų�, ��й�ȣ�� ۼ� �Ǵ� ��ϰų�, ��ο� �� Ű ��; ��ϰų�, Ű ��ͺ��̽� ��; ǥ��ϰų�, key3.db �� Ű ��; ��f�� ֽ4ϴ�.

Ű�� wμ�� 밳 Ű ��ͺ��̽�� Ű�� =, �� ͺ��̽�� ϴ� ��8�� ۵˴ϴ�. �Ʒ� �� certutil /ƿ��Ƽ�� ; ��Ͽ� NSS�� Ű ��ͺ��̽� �� մϴ�.

PKCS12 �� /Ű ��ͺ��̽� �� Ű�� n�0� �� '�� /ƿ��Ƽ�� pk12util�Դϴ�. pk12util /ƿ��Ƽ�� ڼ�� : ��=; ��v�Ͻʽÿ�.

��

Certutil; ��Ͽ� �� ϰ�, ��n�0�, ��4ϴ�. �� ڼ�� : "CertUtil /ƿ��Ƽ d��"�� v�Ͻʽÿ�.

��

�� /�ڴ� 'v�� '�� ؾ� �մϴ�. �� ŷ� ��Ʈ�� ̵� �� ߿�� Ʈ�� ˷�� (CA)�� ֽ4ϴ�. �� ߿�� ; ��, �� Ÿ� �ʿ�� CA �� ʿ�� ð�� ϰ� ��ü �� մϴ�.

��

CA�� % ��Ʈ�� ħ; ��Ͽ� �� Ű ��; ��մϴ�.

�� Ű ��; �ٿ�ε��մϴ�.

�� keystore �� trust-store ��; ��ϴ� ��丮(�⺻��8�� install_dir/domains/domain-dir/config ��丮)�� մϴ�. �� 'ġ ��濡 �� ڼ�� : "�� 'ġ ��"; ��v�Ͻʽÿ�.

�� ִ� ��丮�� մϴ�.

Certutil; ��Ͽ� �� keystore�� n�0�, �ʿ�� trust-store�ε� ��n�ɴϴ�.

Application Server�� ٽ� ��մϴ�.

certutil ��뿡 �� ڼ�� : ��= 'ġ�� ִ� certutil ��?�� v�Ͻʽÿ�.

�� f

��x �� f�Ϸx� certutil /ƿ��Ƽ�� մϴ�. Certutil /ƿ��Ƽ�� ڼ�� : "CertUtil /ƿ��Ƽ d��"�� v�Ͻʽÿ�.

14�� ���� ����

Application Server ���� d��

���� ����

�?� �wα׷� �� �ý��� ���� ����

���� �� ����

��й�ȣ ���� ��

��ȣȭ�� ��й�ȣ�� ����Ͽ� ���� ��ȣ

������ ��й�ȣ ����

�� ��й�ȣ ����

���� å�� ��d

�?� �wα׷� ������

�?� �wα׷� ������

�ý��� ����

���� �� ���� �ο� d��

��ƼƼ ����

���� ���� ��(SSO) ����

����� ���� �ο�

JACC ����� ��d

���� �� ���� �ο� ��d ���� ����

�޽��� ���� ����

�����, �׷�, ���� �� ���� ����

�����

�׷�

����

����

���� �� SSL �Ұ�

������ ���� d��

���� ü�� d��

SSL(Secure Sockets Layer) d��

��ȣȭ d��

�̸� ����� ���� ȣ��Ʈ ���

��ȭ�� d��

�� �ܼ�; ����Ͽ� ���� ��

���� ���� ��d

���� �� ���� ���� �����

JACC �����

���� ���

�޽��� ����

HTTP �� IIOP Listener ����

�� ���� ����

���� ��

���ȿ� ���� �� �ܼ� �۾�

���� ��d ����

�� ������ ���� �׼��� f��

������ ���� �� �ܼ� �۾�

���� �����

Ldap ���� �����

��:

Solaris ���� �����

����� d�� ���� �����

���� ����

File ������ admin-realm ���� ����

NSS(Network Security Services)�� ����Ͽ� ����� ��

File ���� ����� ��

����� �߰�

����� ����

����� ��f

���� ���� ����

��ȣ ���� ����

��� �?� �wα׷��� ��ȣ ���� Ȱ��ȭ

�?� �wα׷����� ��ȣ SSL ���� Ȱ��ȭ

���� ��f

�⺻ ���� ��d

JACC ����ڿ� ���� �� �ܼ� �۾�

JACC ����� �ۼ�

JACC ����� ����

JACC ����� ��f

Ȱ�� JACC ����� ��d

���� ��⿡ ���� �� �ܼ� �۾�

���� ��� �����

���� ��� ����

���� ��� ��f

���� �α� Ȱ�� �� ��Ȱ��ȭ

Ȱ�� ���� ��� ��d

�⺻ ���� ��� ���

�⺻ ���� ��� ��� �� ��� �� ��

Listener �� JMX Ŀ���Ϳ� ���� �� �ܼ� �۾�

HTTP Listener�� ���� ���� ����

IIOP Listener�� ���� ����

�� ������ JMX Ŀ���Ϳ� ���� ���� ����

14��
��

Application Server �� d��

��

�?� �wα׷� �� ý��

��

��й�ȣ ��

��ȣȭ�� й�ȣ�� Ͽ� �� ȣ

�� й�ȣ ��

�� й�ȣ ��

�� å�� d

�?� �wα׷� ��

�?� �wα׷� ��

�ý��

�� ο� d��

��ƼƼ ��

�� (SSO) ��

�� ο�

JACC �� d

�� ο� ��d ��

�޽��

��, �׷�, ��

��

��

��

�� SSL �Ұ�

�� d��

�� ü�� d��

�̸� �� ȣ��Ʈ ��

�� ܼ�; ��Ͽ� ��

�� d

��

JACC ��

��

�޽��

HTTP �� IIOP Listener ��

��

��

��ȿ� �� ܼ� �۾�

�� d ��

�� ׼�� f��

�� ܼ� �۾�

��

Ldap ��

Solaris ��

�� d��

��

File �� admin-realm ��

NSS(Network Security Services)�� Ͽ� ��

File ��

�� ߰�

��

�� f

��

��ȣ ��

�� ?� �wα׷�� ȣ �� Ȱ��ȭ

�?� �wα׷�� ȣ SSL �� Ȱ��ȭ

�� f

�⺻ �� d

JACC ��ڿ� �� ܼ� �۾�

JACC �� ۼ�

JACC ��

JACC �� f

Ȱ�� JACC �� d

�� ⿡ �� ܼ� �۾�

��

��

�� f

�� α� Ȱ�� Ȱ��ȭ

Ȱ�� d

�⺻ ��

�⺻ ��

Listener �� JMX Ŀ��Ϳ� �� ܼ� �۾�

HTTP Listener��

IIOP Listener��

�� JMX Ŀ��Ϳ� ��

Listener �� d�� d

�� ܼ� �� ۾�

�� (SSO) ��

Ŀ�� Ǯ�� ܼ� �۾�

Ŀ�� Ǯ d��