| In the distributed network environment, the user needs to log in the different application softwares and service systems everyday such as traditional Windows application system,Web application,FTP service, network equipments management,database application etc.Each of the applied system requests its particular and safety steps and means to enter.So users must have their own independent username and password in every system.When entering system everyone must submit their identity information once more to pass authentication.The more applied system that the user uses, the more USERID and passwords he should remember,so the possibility that he would make mistakes and reveal his passwords is bigger .A Single Sign On system can resolve the above problem nicely. Single Sign On system means that a user need only to pass authentication once actively, then he can visit the service authorized to him, need not another registration and authorization.This bring abundance convenience to the user to take use of application services. This paper focuses on a high security and adaptability single sign-on system.By means of LDAP Directory Service,Kerberos Authentication and invoking functions of Windows API,we design a single sign-on system and then impliment it.The software system realizes the accessing of LDAP Directory Entry,Kerberos Authentication,unified and centralized management of users' login information.It also provides the functions to finish safe,transparent and automatic logging into applications that authorized beforehand.The typical applications include Windows application,Web application,FTP service and TELNET service.It is more important that we should not change the present applicatons anymore to accomplish secure,efficient and convenient SSO by the software.
|
PDF Full Text Request