| Portal is a integrative information system based on Web, taking "to integrate the application" and "to eliminate the isolated island of information" as goal, providing functions as Single Sign On, the aggregation of content, the individuation of Portal and so on. JPOSE is one kind of new Portal framework, namely Java Portal based on Open Source, provided with Safety & Expansibility. The access control of Portal resources is extremely important to the information's security of Portal, the JPOSE Authority System is main method of the realization of data privacy and integrality mechanism.This paper introduces the JPOSE Framework and Portal technology, introduces the JPOSE Authority Model which based on RBAC. The model has realized the separation of user and the visitorial authority logically, considering the particularity of Portal resources, is suitable for Portal Authorization Management.The paper take the implementation of JPOSE Authority System as key point, has designed the architecture of JPOSE Authority System at first, proposed a rational development flow of system afterward. The paper builds the development platform of Authority system selecting Open Source, such as Portlet Container, Application server, database and IDE. We have Designed and realized the Authority management component which might be reused and expanded, aggregated components by the Dependency Injection mechanism of Spring Framework.Finally,we realized a flexible and maneuverable Authority Management portlet application and Permission checkout components based on Chain of Responsibility pattern which inside JPOSE Portal Server. |
PDF Full Text Request