
After installing the Authentication Server with the SAML protocol, add your SAML signing certificate to the Authentication Server using the steps below.


1. Open CMD (run as administrator) and, if the Auth server is running, stop the MagicInfo Auth server process with the following command.

taskkill /F /IM "MagicINFO Auth Server.exe" /T

2. Create a new folder named ‘samlkeystore’ inside the installation directory of the MagicInfo Authentication server.


NOTE: Java must be installed on the system to run keytool commands.


3. Create the keystore file with the following command:

keytool -genkey -keyalg RSA -noprompt -alias keyalias -dname "CN=commonname, OU=organizationunit, O=organization, L=locality, S=state, C=country" -keystore samlkeystore.jks -validity 9999 -storepass password -keypass password

NOTE: Change the option values in the above command as needed.


4. Create a new folder named ‘samlkeystore’ inside the installation directory of the MagicInfo Authentication server.

5. Place the keystore file in the ‘samlkeystore’ folder.

6. Add your SAML signing certificate to the keystore file created above.

keytool -import -alias samlcert -file samlcert.cer -keystore samlkeystore.jks

7. Update the second line in the “MagicInfo Auth Server.vbs” file located at ‘C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp’:


wshShell.run """D:\Program Files\MagicInfo Auth\jre\bin\MagicInfo Auth Server.exe"" -DMAGICINFO_AUTH_HOME=""C:\Program Files\MagicInfo Auth"" -jar ""D:\Program Files\MagicInfo Auth\resources\jar\magicinfo-auth-server-1.0.0.RELEASE.jar"" --server.port=8081 --server.ssl.key-alias=tomcat --server.ssl.key-store-type=JKS --server.ssl.key-password=changeit  --server.ssl.key-store=${MAGICINFO_AUTH_HOME}\keystore\authkeystore.jks --saml.sp.keyStore.path=""file:///C:/Program Files/MagicInfo Auth/samlkeystore/samlkeystore.jks"" --saml.sp.keyStore.password=changeit --saml.sp.keyStore.defaultKey=tomcat --saml.sp.signing.keyAlias=tomcat --saml.sp.encryption.keyAlias=tomcat"

 


Added Property information:

--saml.sp.keyStore.path = path of the newly created keystore containing SAML signing certificate.

--saml.sp.keyStore.password = keystore password

--saml.sp.keyStore.defaultKey = key alias

--saml.sp.signing.keyAlias = key alias

--saml.sp.encryption.keyAlias = key alias


8. Restart Authentication Server.

Downloading SP metadata

Download SAML metadata from MagicINFO Authentication Server as follows.

  1. After installing MagicINFO Authentication Server, append the following path to the installed server’s URL.

    /saml/metadata

    Ex) http://10.240.71.53:8081/auth/saml/metadata

  2. Download the metadata file.

  3. Register the downloaded metadata file with the external SAML IDP to sync with.

Registering IDP metadata

Registering with URL

When installing MagicINFO Authentication Server, in IDP Metadata Type, select “URL.” The IDP metadata file is automatically registered.


Users can be authenticated by using MagicINFO Authentication Server with SAML.

Configuring SAML IDP


IDP Metadata Type: IDP metadata can be registered using the URL or FILE method.
  • URL: Registration is made using the metadata download URL provided by IDP.
  • FILE: Registration is made using the metadata file provided by IDP.

IDP Metadata Filename / IDP Metadata URL: Set the download address or file name of the IDP metadata to register.

SSO Name ID: Set the value for Name ID.
  • Default value: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified

SSO ID Attribute: Set Attribute to be used as ID.

SSO Role Attribute: Set Attribute to reference the value in Role.

NOTE: When proxy configuration is required, enter the following settings in \conf\config.properties under the path where MagicINFO Authentication Server is installed, and then restart the computer it is installed on.

saml.idp.proxy.ip = 10.89.123.456

saml.idp.proxy.port = 444

Registering with File

  1. When installing MagicINFO Authentication Server, in IDP Metadata Type, select “FILE.” In this case, the IDP metadata file must be registered manually.
  2. Copy the IDP metadata file under the following path and then restart the computer where MagicINFO Authentication Server is installed.

\saml

NOTE: The IDP metadata file name must be the same as the file name specified upon installing MagicINFO

After installing the Authentication Server with the SAML protocol, add your SAML signing certificate to the Authentication Server using the steps below.


1. Open CMD (run as administrator) and, if the Auth server is running, stop the MagicInfo Auth server process with the following command.

taskkill /F /IM "MagicINFO Auth Server.exe" /T

2. Create a new folder named ‘samlkeystore’ inside the installation directory of the MagicInfo Authentication server.


NOTE: Java must be installed on the system to run keytool commands.


3. Create the keystore file with the following command:

keytool -genkey -keyalg RSA -noprompt -alias keyalias -dname "CN=commonname, OU=organizationunit, O=organization, L=locality, S=state, C=country" -keystore samlkeystore.jks -validity 9999 -storepass password -keypass password

NOTE: Change the option values in the above command as needed.


4. Create a new folder named ‘samlkeystore’ inside the installation directory of the MagicInfo Authentication server.

5. Place the keystore file in the ‘samlkeystore’ folder.

6. Add your SAML signing certificate to the keystore file created above.

keytool -import -alias samlcert -file samlcert.cer -keystore samlkeystore.jks

7. Update the second line in the “MagicInfo Auth Server.vbs” file located at ‘C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp’:


wshShell.run """D:\Program Files\MagicInfo Auth\jre\bin\MagicInfo Auth Server.exe"" -DMAGICINFO_AUTH_HOME=""C:\Program Files\MagicInfo Auth"" -jar ""D:\Program Files\MagicInfo Auth\resources\jar\magicinfo-auth-server-1.0.0.RELEASE.jar"" --server.port=8081 --server.ssl.key-alias=tomcat --server.ssl.key-store-type=JKS --server.ssl.key-password=changeit  --server.ssl.key-store=${MAGICINFO_AUTH_HOME}\keystore\authkeystore.jks --saml.sp.keyStore.path=""file:///C:/Program Files/MagicInfo Auth/samlkeystore/samlkeystore.jks"" --saml.sp.keyStore.password=changeit --saml.sp.keyStore.defaultKey=tomcat --saml.sp.signing.keyAlias=tomcat --saml.sp.encryption.keyAlias=tomcat"


Added Property information:

--saml.sp.keyStore.path = path of the newly created keystore containing SAML signing certificate.

--saml.sp.keyStore.password = keystore password

--saml.sp.keyStore.defaultKey = key alias

--saml.sp.signing.keyAlias = key alias

--saml.sp.encryption.keyAlias = key alias


8. Restart Authentication Server.
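
A consistency check for steps 3 to 7, added here as an example and not part of the vendor's documentation: it parses the --saml.sp.* arguments of the startup line and compares them with `keytool -list` output for samlkeystore.jks. The listing is constructed, and the rule that each referenced alias must hold a private key is an assumption about how the server uses them.

```python
import re

# Step 7 startup line, cut down to its SAML keystore arguments (VBScript doubles quotes).
STARTUP_LINE = (
    'wshShell.run """D:\\Program Files\\MagicInfo Auth\\jre\\bin\\MagicInfo Auth Server.exe"" '
    '--saml.sp.keyStore.path=""file:///C:/Program Files/MagicInfo Auth/samlkeystore/samlkeystore.jks"" '
    '--saml.sp.keyStore.password=changeit --saml.sp.keyStore.defaultKey=tomcat '
    '--saml.sp.signing.keyAlias=tomcat --saml.sp.encryption.keyAlias=tomcat"'
)

# Constructed `keytool -list` output for a keystore built with the sample
# commands in steps 3 and 6 (aliases "keyalias" and "samlcert").
KEYTOOL_LIST = """\
keyalias, Jan 5, 2024, PrivateKeyEntry,
Certificate fingerprint (SHA-256): (constructed)
samlcert, Jan 5, 2024, trustedCertEntry,
Certificate fingerprint (SHA-256): (constructed)
"""

SAMPLE_PASSWORDS = {"changeit", "password"}  # values printed in this guide
ALIAS_KEYS = ("saml.sp.keyStore.defaultKey", "saml.sp.signing.keyAlias",
              "saml.sp.encryption.keyAlias")

def saml_args(startup_line):
    """Return the --saml.sp.* arguments of the startup line as a dict."""
    pattern = r'--(saml\.sp\.[\w.]+)=(?:""(.*?)""|(\S+))'
    return {m[1]: m[2] if m[2] is not None else m[3].rstrip('"')
            for m in re.finditer(pattern, startup_line)}

def keystore_entries(list_output):
    """Map lower-cased alias -> entry type from `keytool -list` text."""
    pattern = r'^(.+?), .*?(PrivateKeyEntry|trustedCertEntry|SecretKeyEntry),\s*$'
    return {m[1].lower(): m[2] for m in re.finditer(pattern, list_output, re.M)}

def check(startup_line, list_output):
    """Return a list of problems; an empty list means the two agree."""
    # Assumption: every alias named on the startup line needs a private key.
    args, entries = saml_args(startup_line), keystore_entries(list_output)
    problems = []
    for key in ALIAS_KEYS:
        alias = args.get(key, "")
        kind = entries.get(alias.lower())
        if kind is None:
            problems.append(f"{key}={alias}: alias not in keystore")
        elif kind != "PrivateKeyEntry":
            problems.append(f"{key}={alias}: entry holds no private key")
    if args.get("saml.sp.keyStore.password") in SAMPLE_PASSWORDS:
        problems.append("keystore password is a sample value from the guide")
    return problems
```

With the sample values as printed (key created under alias keyalias, startup line pointing at tomcat), check(STARTUP_LINE, KEYTOOL_LIST) reports all three alias arguments and the sample password.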