diff options
| author | joonhoekim <26rote@gmail.com> | 2025-06-20 11:47:15 +0000 |
|---|---|---|
| committer | joonhoekim <26rote@gmail.com> | 2025-06-20 11:47:15 +0000 |
| commit | abd9f950bbd95b9ad713a26d3fd8a7e0282b7c51 (patch) | |
| tree | aafc71d5ff23962c2d6d5e902c66ee070b7ac068 /config/saml | |
| parent | 994defd6446ce20c4b4e0d6cc91688b0e64230a4 (diff) | |
(김준회) SAML 2.0 SSO (Knox Portal) 추가
Diffstat (limited to 'config/saml')
| -rw-r--r-- | config/saml/idp_metadata.xml | 26 | ||||
| -rw-r--r-- | config/saml/sp_metadata.xml | 24 |
2 files changed, 50 insertions, 0 deletions
diff --git a/config/saml/idp_metadata.xml b/config/saml/idp_metadata.xml new file mode 100644 index 00000000..bc448907 --- /dev/null +++ b/config/saml/idp_metadata.xml @@ -0,0 +1,26 @@ +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="www.stage1.samsung.net">
+ <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIID2zCCAsOgAwIBAgIJAKUgkCmmclHOMA0GCSqGSIb3DQEBCwUAMIGDMQswCQYDVQQGEwJLUjEPMA0GA1UECAwGSmFtc2lsMQ4wDAYDVQQHDAVTZW91bDETMBEGA1UECgwKU2Ftc3VuZ1NEUzEdMBsGA1UECwwUSW50cmFuZXRCdXNpbmVzc1RlYW0xHzAdBgNVBAMMFm5ldC5zYW1zdW5nLmtub3hwb3J0YWwwHhcNMTcwOTA2MDQxNDAzWhcNMjcwOTA0MDQxNDAzWjCBgzELMAkGA1UEBhMCS1IxDzANBgNVBAgMBkphbXNpbDEOMAwGA1UEBwwFU2VvdWwxEzARBgNVBAoMClNhbXN1bmdTRFMxHTAbBgNVBAsMFEludHJhbmV0QnVzaW5lc3NUZWFtMR8wHQYDVQQDDBZuZXQuc2Ftc3VuZy5rbm94cG9ydGFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nT5VRgS/PGj7iL8l4kpyEqs04BocOrIPf9mn+Ky/pA3BkgfxItkAfxqKjrzZ2J/0yB1jkjpHYxQQSpah5f/FrxK/G3lCMlpQzFgT9qfX/VJqhJLU3JF4hhxTVp77rF5Sqz2CWdTzrKgEhVhQupfANL67uw1GrR2AoPWsmGqr/ybdEcjr0w3lYrnCb9LYvvT+KOmZg1nVEbMAJ66xFuiuc4IGAot+IIHY86ZjSXRfMBkJaisEpStXXja0PD8SHDu31DdLomaRYrv9eyoh3q/LONejfgd8IrAJO3Om8zNmfF2Q665Ab4oPFoRznjvR74/pszIxqQTYoVgKkDKRmTOjQIDAQABo1AwTjAdBgNVHQ4EFgQUiolG//FttT/5g3IBaoRvjNWNCt0wHwYDVR0jBBgwFoAUiolG//FttT/5g3IBaoRvjNWNCt0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAQVBxmGnZHo3dMLKFgAf8oLevA1TuA03p6jj2MVLwFMjw0S74bFpgS4ZXEzsliGAQprVwTzo06XtTxQENxddbFMRfKroKvpyM20uBt2JI5nBmE/kzrb4AOguRRTNKfb9o4zk2yO7Ra31dWHrvZ3usV8A0KLIHef6iUPv4mBMXY5e7gEUjoZxbZQucyHOrYvuj/TISd7n6r37cotf5ldUD5B+ADP05AgTTP1vKzyfOsb+zRqTTi8WFOc2SlbTktXPvfiQmHs6OoCbNNYXfQT+YO0x3y8M4TevvoeKvTjQp1E+Q+J8hAh7xTIemb6wP460ObUD9w+wyqUk44XJGdibtgQ==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIID2zCCAsOgAwIBAgIJAKUgkCmmclHOMA0GCSqGSIb3DQEBCwUAMIGDMQswCQYDVQQGEwJLUjEPMA0GA1UECAwGSmFtc2lsMQ4wDAYDVQQHDAVTZW91bDETMBEGA1UECgwKU2Ftc3VuZ1NEUzEdMBsGA1UECwwUSW50cmFuZXRCdXNpbmVzc1RlYW0xHzAdBgNVBAMMFm5ldC5zYW1zdW5nLmtub3hwb3J0YWwwHhcNMTcwOTA2MDQxNDAzWhcNMjcwOTA0MDQxNDAzWjCBgzELMAkGA1UEBhMCS1IxDzANBgNVBAgMBkphbXNpbDEOMAwGA1UEBwwFU2VvdWwxEzARBgNVBAoMClNhbXN1bmdTRFMxHTAbBgNVBAsMFEludHJhbmV0QnVzaW5lc3NUZWFtMR8wHQYDVQQDDBZuZXQuc2Ftc3VuZy5rbm94cG9ydGFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nT5VRgS/PGj7iL8l4kpyEqs04BocOrIPf9mn+Ky/pA3BkgfxItkAfxqKjrzZ2J/0yB1jkjpHYxQQSpah5f/FrxK/G3lCMlpQzFgT9qfX/VJqhJLU3JF4hhxTVp77rF5Sqz2CWdTzrKgEhVhQupfANL67uw1GrR2AoPWsmGqr/ybdEcjr0w3lYrnCb9LYvvT+KOmZg1nVEbMAJ66xFuiuc4IGAot+IIHY86ZjSXRfMBkJaisEpStXXja0PD8SHDu31DdLomaRYrv9eyoh3q/LONejfgd8IrAJO3Om8zNmfF2Q665Ab4oPFoRznjvR74/pszIxqQTYoVgKkDKRmTOjQIDAQABo1AwTjAdBgNVHQ4EFgQUiolG//FttT/5g3IBaoRvjNWNCt0wHwYDVR0jBBgwFoAUiolG//FttT/5g3IBaoRvjNWNCt0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAQVBxmGnZHo3dMLKFgAf8oLevA1TuA03p6jj2MVLwFMjw0S74bFpgS4ZXEzsliGAQprVwTzo06XtTxQENxddbFMRfKroKvpyM20uBt2JI5nBmE/kzrb4AOguRRTNKfb9o4zk2yO7Ra31dWHrvZ3usV8A0KLIHef6iUPv4mBMXY5e7gEUjoZxbZQucyHOrYvuj/TISd7n6r37cotf5ldUD5B+ADP05AgTTP1vKzyfOsb+zRqTTi8WFOc2SlbTktXPvfiQmHs6OoCbNNYXfQT+YO0x3y8M4TevvoeKvTjQp1E+Q+J8hAh7xTIemb6wP460ObUD9w+wyqUk44XJGdibtgQ==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc">
+ <xenc:KeySize xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">256</xenc:KeySize>
+ </md:EncryptionMethod>
+ </md:KeyDescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">Knox Portal</md:OrganizationName>
+ </md:Organization>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</md:NameIDFormat>
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://epsso.stage.samsung.net/sso/saml/SingleSignOnService"/>
+ </md:IDPSSODescriptor>
+</md:EntityDescriptor>
\ No newline at end of file diff --git a/config/saml/sp_metadata.xml b/config/saml/sp_metadata.xml new file mode 100644 index 00000000..9d0ff626 --- /dev/null +++ b/config/saml/sp_metadata.xml @@ -0,0 +1,24 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+ entityID="http://60.101.108.100">
+
+ <md:SPSSODescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
+ AuthnRequestsSigned="false"
+ WantAssertionsSigned="false">
+
+ <!-- HTTP-POST 및 HTTP-Redirect 바인딩 둘 다 지원 -->
+ <md:AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://60.101.108.100/api/saml/callback"
+ index="0"
+ isDefault="true"/>
+
+ <md:AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://60.101.108.100/api/saml/callback"
+ index="1"/>
+
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
\ No newline at end of file |