| Now, more and more enterprises are puzzled by application integration. According to the statistic data, in most enterprises, eighty percent of the IT resource is invested in the development, integration and maintenance of infrastructure. This means that only twenty percent of the IT budget can be used to those applications that can produce more wealth, and advance the enterprise's competiton ability. This is because that the continual increasing applications distribute over different platforms. On the other hand, from the users' point of view, the more systems users need to visit, the more probably users make mistakes. In order to resolve this problem better, it's necessary to design a uniform portal platform management system to predigest the management and supply some convenience to users.The paper's major work consists analyzing the security mechanism of Java Authentication and Authorization Service (JAAS), researching the Struts Framework, and farther on, combining the design of the portal platform management system, making some extension to JAAS and Struts Framework. Then a more convenient and more secure portal platform management system that is accorded with the specification of J2EE is established.Firstly, the necessary of the portal platform management system is introduced. In section 2, the paper expatiates the security mechanism of JAAS at large. It first summarizes the four struts that can guarantee security, then introduces securitycomponents of Java, and analyses the security mechanism of JAAS, besides brings forward its shortage in practice. In section 3, the paper details the system framework of Struts and the principles of each part of it. Meanwhile, it points out the limitation of Struts Framework, and puts forward that the JSP in the framework can be replaced by XSLT to construct the view part. Subsequently, it analyses and compares three popular technologies that are used to parse XML. In section 4, the paper introduces the system design, which includes the design patterns of the system, the storage mode of the user information, the whole frame of the system and so on. In section 5, it discusses how to implement the JAAS's extension, and how to realize the extension to Struts Framework. In succession, it introduces the design and implementation of the function modules of the system. Finally, the paper summarizes the whole system, analyses its merit and disadvantage, and brings forword several ideas, which whould be done in the future.The system can supply flexible authentication, authorization and management services to make pivotal resource be protected and managed expediently. Its centralized policy management can distribute and manage security policy based the portal application. It predigests the complexity of the management, and can make application developers avoid developing complicated security function for each application.
|
PDF Full Text Request