Application Engine 환경의 경우 프록시 서버에서 SSO를 사용할 수 있습니다. 이 선택적 접근 방식을 사용하려면 WebSphere® Application Server에서 web.xml 파일을 편집하십시오.
AE_install_path/Workplace/WEB-INF/web.xml
<param-name>challengeProxyEnabled</param-name>
<param-value> false </param-value>
<web-resource-collection> <web-resource-name>action</web-resource-name> <description>Define thecontainer secured resource</description> <url-pattern>/containerSecured/*</url-pattern> <!-- 보안 스레드를 얻기 위해 증명서가 필요한 모든 자원을 보안 설정해야 하는 경우 이 섹션을 주석 해제하십시오. WebSphere를 사용하는 경우, 이 섹션을 주석 해제해야 합니다. --> 이 주석 태그를 아래의 </web-resource- collection> 닫는 태그 바로 앞에서 여기로 이동하십시오. <url-pattern>/containerSecured/*</url-pattern> <url-pattern>/</url-pattern> <url-pattern>/author/*</url-pattern> <url-pattern>/Browse.jsp</url-pattern> <url-pattern>/eprocess/*</url-pattern> <url-pattern>/Favorites.jsp</url-pattern> <url-pattern>/GetPortalSitePreferences.jsp</url-pattern> <url-pattern>/GetTokenSignIn.jsp</url-pattern> <url-pattern>/GetUserInformation.jsp</url-pattern> <url-pattern>/GetUserToken.jsp</url-pattern> <url-pattern>/HomePage.jsp</url-pattern> <url-pattern>/IntegrationWebBasedHelp.jsp</url-pattern> <url-pattern>/is/*</url-pattern> <url-pattern>/operations/*</url-pattern> <url-pattern>/properties/*</url-pattern> <url-pattern>/redirect/*</url-pattern> <url-pattern>/regions/*</url-pattern> <url-pattern>/Search.jsp</url-pattern> <url-pattern>/select/*</url-pattern> <url-pattern>/SelectReturn.jsp</url-pattern> <url-pattern>/Tasks.jsp</url-pattern> <url-pattern>/UI-INF/*</url-pattern> <url-pattern>/utils/*</url-pattern> <url-pattern>/WcmAdmin.jsp</url-pattern> <url-pattern>/WcmAuthor.jsp</url-pattern> <url-pattern>/WcmBootstrap.jsp</url-pattern> <url-pattern>/WcmCloseWindow.jsp</url-pattern> <url-pattern>/WcmDefault.jsp</url-pattern> <url-pattern>/WcmError.jsp</url-pattern> <url-pattern>/WcmJavaViewer.jsp</url-pattern> <url-pattern>/WcmObjectBookmark.jsp</url-pattern> <url-pattern>/WcmQueueBookmark.jsp</url-pattern> <url-pattern>/WcmSignIn.jsp</url-pattern> <url-pattern>/WcmSitePreferences.jsp</url-pattern> <url-pattern>/WcmUserPreferences.jsp</url-pattern> <url-pattern>/WcmWorkflowsBookmark.jsp</url-pattern> <url-pattern>/wizards/*</url-pattern> <url-pattern>/Author/*</url-pattern> <url-pattern>/axis/*.jws</url-pattern> <url-pattern>/Browse/*</url-pattern> <url-pattern>/ceTunnel</url-pattern> <url-pattern>/CheckoutList/*</url-pattern> <url-pattern>/downloadMultiTransferElement/*</url-pattern> <url-pattern>/ExternalUrl/*</url-pattern> <url-pattern>/findRecordTarget</url-pattern> <url-pattern>/formCallback/*</url-pattern> <url-pattern>/getAnnotSecurity/*</url-pattern> <url-pattern>/getCEAnnotations/*</url-pattern> <url-pattern>/getContent/*</url-pattern> <url-pattern>/getForm/*</url-pattern> <url-pattern>/getISAnnotations/*</url-pattern> <url-pattern>/getISAnnotSecurity/*</url-pattern> <url-pattern>/getISContent/*</url-pattern> <url-pattern>/getMultiContent/*</url-pattern> <url-pattern>/getPreview</url-pattern> <url-pattern>/getProcessor/*</url-pattern> <url-pattern>/getRealms/*</url-pattern> <url-pattern>/getUsersGroups/*</url-pattern> <url-pattern>/Inbox/*</url-pattern> <url-pattern>/integrationCommandProxy</url-pattern> <url-pattern>/integrationResponse</url-pattern> <url-pattern>/integrationResponseProxy</url-pattern> <url-pattern>/integrationWebBasedCommand</url-pattern> <url-pattern>/keepAlive</url-pattern> <url-pattern>/launch/*</url-pattern> <url-pattern>/PublicQueue/*</url-pattern> <url-pattern>/putContent/*</url-pattern> <url-pattern>/QuickSearch/*</url-pattern> <url-pattern>/signingServlet/*</url-pattern> <url-pattern>/transport/*</url-pattern> <url-pattern>/upload/*</url-pattern> <url-pattern>/vwsimsoapservlet</url-pattern> <url-pattern>/vwsoaprouter</url-pattern> <url-pattern>/Workflows/*</url-pattern> 닫는 주석 태그를 여기에서 이 예제의 시작 부분에 표시된 위치로 이동하십시오. </web-resource-collection>
<auth-constraint> <!-- <role-name>*</role-name> --> <!-- WebSphere 6의 경우 위의 와일드카드 role 대신 아래의 role-name 행을 사용하십시오. --> <role-name>모두 인증</role-name> <!-- WebSphere 6의 경우, 이 security-role 요소를 login-config 요소(아래) 아래에 추가하십시오. <security-role> <description>모두 인증</description> <role-name>모두 인증</role-name> </security-role> --> </auth-constraint>
<security-role> <description>모두 인증</description> <role-name>모두 인증</role-name> </security-role>
<security-constraint> <web-resource-collection> <web-resource-name>action</web-resource-name> <description>Define the non-secured resource</description> <url-pattern>/P8BPMWSBroker/*</url-pattern> </web-resource-collection> </security-constraint>
<!-- <login-config> <auth-method>FORM</auth-method> <realm-name>AE Workplace</realm-name> <form-login-config> <form-login-page>/ContainerLogin.jsp</form-login-page> <form-error-page>/ContainerError.jsp</form-error-page> </form-login-config> </login-config> -->
이 매개변수는 Workplace가 요청에 표시하는 원시 URL 요소를 한 개 이상 수정하는 데 사용됩니다. URL 요청의 SSO 프록시 호스트 요소 값이 Workplace가 배치된 호스트의 해당 정보와 다를 경우에는 URL에 있는 이 요소의 해당 <proxy host element> 매개변수를 SSO 프록시 호스트의 값으로 설정해야 합니다.
<init-param> <param-name>ssoProxyContextPath</param-name> <param-value></param-value> </init-param> <init-param> <param-name>ssoProxyHost</param-name> <param-value></param-value> </init-param> <init-param> <param-name>ssoProxyPort</param-name> <param-value></param-value> </init-param> <init-param> <param-name>ssoProxySSLPort</param-name> <param-value></param-value> </init-param>
<param-name>ssoProxyContextPath</param-name> <param-value>/Workplace</param-value>
<param-name>ssoProxyHost</param-name> <param-value>sso_proxy_server</param-value>
<param-name>ssoProxyPort</param-name> <param-value>80</param-value>
<param-name>ssoProxySSLPort</param-name> <param-value>443</param-value>