Application Engine 환경에서 프록시 서버와 SSO를 함께 사용할 수 있습니다. 이 방법은 선택사항이며 WebSphere® Application Server에서 web.xml 파일을 편집하여 이 방법을 사용할 수 있습니다.
AE_install_path/Workplace/WEB-INF/web.xml
<param-name>challengeProxyEnabled</param-name>
<param-value> false </param-value>
<web-resource-collection> <web-resource-name>action</web-resource-name> <description>Define thecontainer secured resource</description> <url-pattern>/containerSecured/*</url-pattern> <!-- Uncomment this section if all resources that require credentials must be secured in order to obtain a secured Thread. If using WebSphere, this section must be uncommented. --> Move this commenting tag here from just before the </web-resource- collection> closing tag below. <url-pattern>/containerSecured/*</url-pattern> <url-pattern>/</url-pattern> <url-pattern>/author/*</url-pattern> <url-pattern>/Browse.jsp</url-pattern> <url-pattern>/eprocess/*</url-pattern> <url-pattern>/Favorites.jsp</url-pattern> <url-pattern>/GetPortalSitePreferences.jsp</url-pattern> <url-pattern>/GetTokenSignIn.jsp</url-pattern> <url-pattern>/GetUserInformation.jsp</url-pattern> <url-pattern>/GetUserToken.jsp</url-pattern> <url-pattern>/HomePage.jsp</url-pattern> <url-pattern>/IntegrationWebBasedHelp.jsp</url-pattern> <url-pattern>/is/*</url-pattern> <url-pattern>/operations/*</url-pattern> <url-pattern>/properties/*</url-pattern> <url-pattern>/redirect/*</url-pattern> <url-pattern>/regions/*</url-pattern> <url-pattern>/Search.jsp</url-pattern> <url-pattern>/select/*</url-pattern> <url-pattern>/SelectReturn.jsp</url-pattern> <url-pattern>/Tasks.jsp</url-pattern> <url-pattern>/UI-INF/*</url-pattern> <url-pattern>/utils/*</url-pattern> <url-pattern>/WcmAdmin.jsp</url-pattern> <url-pattern>/WcmAuthor.jsp</url-pattern> <url-pattern>/WcmBootstrap.jsp</url-pattern> <url-pattern>/WcmCloseWindow.jsp</url-pattern> <url-pattern>/WcmDefault.jsp</url-pattern> <url-pattern>/WcmError.jsp</url-pattern> <url-pattern>/WcmJavaViewer.jsp</url-pattern> <url-pattern>/WcmObjectBookmark.jsp</url-pattern> <url-pattern>/WcmQueueBookmark.jsp</url-pattern> <url-pattern>/WcmSignIn.jsp</url-pattern> <url-pattern>/WcmSitePreferences.jsp</url-pattern> <url-pattern>/WcmUserPreferences.jsp</url-pattern> <url-pattern>/WcmWorkflowsBookmark.jsp</url-pattern> <url-pattern>/wizards/*</url-pattern> <url-pattern>/Author/*</url-pattern> <url-pattern>/axis/*.jws</url-pattern> <url-pattern>/Browse/*</url-pattern> <url-pattern>/ceTunnel</url-pattern> <url-pattern>/CheckoutList/*</url-pattern> <url-pattern>/downloadMultiTransferElement/*</url-pattern> <url-pattern>/ExternalUrl/*</url-pattern> <url-pattern>/findRecordTarget</url-pattern> <url-pattern>/formCallback/*</url-pattern> <url-pattern>/getAnnotSecurity/*</url-pattern> <url-pattern>/getCEAnnotations/*</url-pattern> <url-pattern>/getContent/*</url-pattern> <url-pattern>/getForm/*</url-pattern> <url-pattern>/getISAnnotations/*</url-pattern> <url-pattern>/getISAnnotSecurity/*</url-pattern> <url-pattern>/getISContent/*</url-pattern> <url-pattern>/getMultiContent/*</url-pattern> <url-pattern>/getPreview</url-pattern> <url-pattern>/getProcessor/*</url-pattern> <url-pattern>/getRealms/*</url-pattern> <url-pattern>/getUsersGroups/*</url-pattern> <url-pattern>/Inbox/*</url-pattern> <url-pattern>/integrationCommandProxy</url-pattern> <url-pattern>/integrationResponse</url-pattern> <url-pattern>/integrationResponseProxy</url-pattern> <url-pattern>/integrationWebBasedCommand</url-pattern> <url-pattern>/keepAlive</url-pattern> <url-pattern>/launch/*</url-pattern> <url-pattern>/PublicQueue/*</url-pattern> <url-pattern>/putContent/*</url-pattern> <url-pattern>/QuickSearch/*</url-pattern> <url-pattern>/signingServlet/*</url-pattern> <url-pattern>/transport/*</url-pattern> <url-pattern>/upload/*</url-pattern> <url-pattern>/vwsimsoapservlet</url-pattern> <url-pattern>/vwsoaprouter</url-pattern> <url-pattern>/Workflows/*</url-pattern> Move the closing comment tag from here to the location indicated at the beginning of this example. </web-resource-collection>
<auth-constraint> <!-- <role-name>*</role-name> --> <!-- For WebSphere 6, use the role-name line below instead of the wildcard role above. --> <role-name>All Authenticated</role-name> <!-- For WebSphere 6, add this security-role element below the login-config element (below). <security-role> <description>All Authenticated</description> <role-name>All Authenticated</role-name> </security-role> --> </auth-constraint>
<security-role> <description>All Authenticated</description> <role-name>All Authenticated</role-name> </security-role>
<security-constraint> <web-resource-collection> <web-resource-name>action</web-resource-name> <description>Define the non-secured resource</description> <url-pattern>/P8BPMWSBroker/*</url-pattern> </web-resource-collection> </security-constraint>
<!-- <login-config> <auth-method>FORM</auth-method> <realm-name>AE Workplace</realm-name> <form-login-config> <form-login-page>/ContainerLogin.jsp</form-login-page> <form-error-page>/ContainerError.jsp</form-error-page> </form-login-config> </login-config> -->
이러한 매개변수 값은 Workplace에 대한 요청에 포함되는 원시 URL의 요소를 수정하기 위해 사용됩니다. URL 요청에 포함된 SSO 프록시 호스트 요소의 값이 Workplace가 배치된 호스트에 대한 해당 정보와 다를 경우, 일치되지 않는 URL 요소의 SSO <프록시 호스트 요소> 매개변수를 SSO 프록시 호스트에 대한 값으로 설정해야 합니다.
<init-param> <param-name>ssoProxyContextPath</param-name> <param-value></param-value> </init-param> <init-param> <param-name>ssoProxyHost</param-name> <param-value></param-value> </init-param> <init-param> <param-name>ssoProxyPort</param-name> <param-value></param-value> </init-param> <init-param> <param-name>ssoProxySSLPort</param-name> <param-value></param-value> </init-param>
<param-name>ssoProxyContextPath</param-name> <param-value>/Workplace</param-value>
<param-name>ssoProxyHost</param-name> <param-value>sso_proxy_server</param-value>
<param-name>ssoProxyPort</param-name> <param-value>80</param-value>
<param-name>ssoProxySSLPort</param-name> <param-value>443</param-value>