검색 결과 :
×Shibboleth-2를 IdP로 구성하려면 아래 단계를 따르세요.
Shibboleth-2를 IdP로 구성
<MetadataProviderxsi:type="InlineMetadataProvider"
xmlns="urn
:mace:shibboleth:2.0:metadata" id="MyInlineMetadata">
<EntitiesDescriptorxmlns="urn:oasis:names:tc:SAML:2.0:metadata">
<md:EntityDescriptorxmlns:md="urn:oasis:names:tc:SAML:2
.0:metadata"
entityID="<ENTITY_ID_FROM_PLUGIN>">
<md:SPSSODescriptorAuthnRequestsSigned="false"
WantAssertionsSigned="true" protocolSupportEnumeration=
"urn:oasis:names:tc:SAML:2.0:protocol">
<
urn:oasis:names:tc:SAML:1
.1:nameidformat:emailAddress</md:NameIDFormat>
<md:AssertionConsumerService
Binding="urn
:oasis:names:tc:SAML:2.0:bindings:https-POST"
Location="<ACS_URL_FROM_PLUGIN>"
index="1"/>
</md:SPSSODescriptor>
</md:EntityDescriptor>
</EntitiesDescriptor>
</MetadataProvider>
<resolver:AttributeDefinitionxsi:type="ad:Si
mple" id="email"
sourceAttributeID="mail">
<resolver:Dependency ref="ldapConnector" />
<resolver:AttributeEncoderxsi:type="enc:SAML2
StringNameID"
nameFormat="urn:oasis:names:tc:SAML:1.1:
nameid-format:emailAddress"/>
</resolver:AttributeDefinition>
<afp:AttributeFilterPolicy id="releaseTransientIdToAnyone">
<afp:PolicyRequirementRulexsi:type="basic:ANY"/>
<afp:AttributeRuleattributeID="email">
<afp:PermitValueRulexsi:type="basic:ANY"/>
</afp:AttributeRule>
</afp:AttributeFilterPolicy>
IDP 엔터티 ID | https://<your_domain>/idp/shibboleth |
단일 로그인 URL | https://<your_domain>/idp/profile/SAML2/Redirect/SSO |
X.509 인증서 | Shibboleth 서버의 공개 키 인증서 |