Chaos and Order

Chaos and Order https://www.youngju.dev/blog 천천히 올바르게. AI Researcher & DevOps Engineer Youngju's tech blog. GPU/CUDA, LLM, MLOps, Kubernetes AI workloads, distributed training, and data engineering. ko fjvbn2003@gmail.com (Youngju Kim) fjvbn2003@gmail.com (Youngju Kim) Fri, 12 Jun 2026 00:00:00 GMT https://www.youngju.dev/blog/devops/2026-06-12-legacy-websso-hybrid-iam-coexistence-patterns.en Designing the Coexistence of Legacy WebSSO and Modern IAM — Architecture Patterns for the Hybrid Transition Era https://www.youngju.dev/blog/devops/2026-06-12-legacy-websso-hybrid-iam-coexistence-patterns.en The transition from legacy WebSSO to modern IAM lasts for years. We organize four coexistence patterns — protocol bridges, reverse-proxy header injection, identity orchestration, and the strangler fig — along with session/logout synchronization, security risks, and completion criteria, illustrated by a fictional case of migrating 200 apps on a bank intranet. Fri, 12 Jun 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) iamssokeycloaksiteminderarchitecturesecurityoidc https://www.youngju.dev/blog/devops/2026-06-12-legacy-websso-hybrid-iam-coexistence-patterns.ja レガシー WebSSO とモダン IAM の共存設計 — ハイブリッド移行期のアーキテクチャパターン https://www.youngju.dev/blog/devops/2026-06-12-legacy-websso-hybrid-iam-coexistence-patterns.ja レガシー WebSSO からモダン IAM への移行期は数年間続きます。プロトコルブリッジ、リバースプロキシのヘッダー注入、identity orchestration、strangler fig — 4つの共存パターンと、セッション/ログアウト同期、セキュリティリスク、移行完了基準を、銀行イントラネット 200 アプリの仮想事例とともに整理します。 Fri, 12 Jun 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) iamssokeycloaksiteminderarchitecturesecurityoidc https://www.youngju.dev/blog/devops/2026-06-12-legacy-websso-hybrid-iam-coexistence-patterns 레거시 WebSSO와 모던 IAM의 공존 설계 — 하이브리드 전환기의 아키텍처 패턴 https://www.youngju.dev/blog/devops/2026-06-12-legacy-websso-hybrid-iam-coexistence-patterns 레거시 WebSSO에서 모던 IAM으로의 전환기는 수년간 지속됩니다. 프로토콜 브리지, 리버스 프록시 헤더 주입, identity orchestration, strangler fig — 네 가지 공존 패턴과 세션/로그아웃 동기화, 보안 리스크, 전환 완료 기준을 은행 인트라넷 200개 앱 가상 사례와 함께 정리합니다. Fri, 12 Jun 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) iamssokeycloaksiteminderarchitecturesecurityoidc https://www.youngju.dev/blog/devops/2026-06-12-siteminder-architecture-legacy-web-sso.en Dissecting Symantec SiteMinder Architecture — The Standard of Legacy Enterprise WebSSO https://www.youngju.dev/blog/devops/2026-06-12-siteminder-architecture-legacy-web-sso.en A deep dive into SiteMinder, the product that dominated enterprise WebSSO for over two decades. We dissect the Policy Server, Web Agent, SMSESSION cookie, the realm/rule/policy object model, and the security implications of header-based identity propagation — because you cannot migrate to modern IAM without understanding the legacy you are leaving. Fri, 12 Jun 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) siteminderssoiamsecuritywebssolegacydevops https://www.youngju.dev/blog/devops/2026-06-12-siteminder-architecture-legacy-web-sso.ja Symantec SiteMinder アーキテクチャ解剖 — レガシーエンタープライズ WebSSO の標準 https://www.youngju.dev/blog/devops/2026-06-12-siteminder-architecture-legacy-web-sso.ja 20年以上にわたりエンタープライズ WebSSO 市場を支配してきた SiteMinder のアーキテクチャを解剖します。Policy Server、Web Agent、SMSESSION クッキー、realm/rule/policy オブジェクトモデル、ヘッダーベースのユーザー伝搬のセキュリティ含意まで — レガシー IAM を理解してこそモダン IAM への移行が可能になります。 Fri, 12 Jun 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) siteminderssoiamsecuritywebssolegacydevops https://www.youngju.dev/blog/devops/2026-06-12-siteminder-architecture-legacy-web-sso Symantec SiteMinder 아키텍처 해부 — 레거시 엔터프라이즈 WebSSO의 표준 https://www.youngju.dev/blog/devops/2026-06-12-siteminder-architecture-legacy-web-sso 20년 넘게 엔터프라이즈 WebSSO 시장을 지배해 온 SiteMinder의 아키텍처를 해부합니다. Policy Server, Web Agent, SMSESSION 쿠키, realm/rule/policy 객체 모델, 헤더 기반 사용자 전달의 보안 함의까지 — 레거시 IAM을 이해해야 모던 IAM으로 갈 수 있습니다. Fri, 12 Jun 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) siteminderssoiamsecuritywebssolegacydevops https://www.youngju.dev/blog/devops/2026-06-12-siteminder-to-keycloak-migration-strategy.en From SiteMinder to Keycloak — A Legacy SSO Migration Strategy and Practical Roadmap https://www.youngju.dev/blog/devops/2026-06-12-siteminder-to-keycloak-migration-strategy.en A practical roadmap for migrating a SiteMinder estate to Keycloak: application inventory classification, an object mapping table, SAML brokering coexistence architecture, oauth2-proxy header translation, gradual password capture, and wave-based rollout with rollback plans — how to switch safely without a big bang. Fri, 12 Jun 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) keycloaksiteminderssoiammigrationoidcsecurity https://www.youngju.dev/blog/devops/2026-06-12-siteminder-to-keycloak-migration-strategy.ja SiteMinder から Keycloak へ — レガシー SSO マイグレーション戦略と実戦ロードマップ https://www.youngju.dev/blog/devops/2026-06-12-siteminder-to-keycloak-migration-strategy.ja SiteMinder 環境を Keycloak へ移行する実戦ロードマップをまとめます。アプリインベントリの分類、オブジェクトマッピング表、SAML ブローカリングによる共存アーキテクチャ、oauth2-proxy のヘッダー変換、漸進的パスワードキャプチャ、ウェーブ単位のロールアウトとロールバック計画まで — ビッグバンなしで安全に乗り換える方法です。 Fri, 12 Jun 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) keycloaksiteminderssoiammigrationoidcsecurity https://www.youngju.dev/blog/devops/2026-06-12-siteminder-to-keycloak-migration-strategy SiteMinder에서 Keycloak으로 — 레거시 SSO 마이그레이션 전략과 실전 로드맵 https://www.youngju.dev/blog/devops/2026-06-12-siteminder-to-keycloak-migration-strategy SiteMinder 환경을 Keycloak으로 전환하는 실전 로드맵을 정리합니다. 앱 인벤토리 분류, 객체 매핑표, SAML 브로커링 공존 아키텍처, oauth2-proxy 헤더 변환, 점진적 비밀번호 캡처, 단계별 롤아웃과 롤백 계획까지 — 빅뱅 없이 안전하게 갈아타는 방법입니다. Fri, 12 Jun 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) keycloaksiteminderssoiammigrationoidcsecurity