The Application Research Of The Unite Authentication Based On The Windows Server 2003

With the development of computer science and technology and the enterprise information, the department level system is gradually becoming crossing platforms and crossing networks enterprise applications, which usually need to integrate the distributed services around in the intranet. These independently system has the own mechanism of users' ID management. But with the growth of the users' number, the maintenance and management cost is increased, such as addition, deletion, synchronization and authorization, and the security risk is becoming high. And the enterprises are also faced to the giant challenge.In order to solve the problem, this paper constructs a unite authentication system based on the Windows Server 2003. The system maintains a kind of information set to implement the cooperative and communicate in the enterprise intranet. This system can keep the existing identity management mechanism, integrate the users' identity in the different system, build trusted relationship among domains, and then make the users in active directory domains to visit other domain. By analyzing the ID management technology and the demand, this paper puts forward the solving scheme for the problem appeared in the crossing platform and networks enterprise application on the management of user identity. The unite authentication system is using an ID mapping theory based on the LDAP. The UA system is using C/S constructer. The server is implemented by using Java, in which security administrator can map the uses' identity in active directory' s domains to the realm on WebLogic Server. The client is developed in VC++ 6.0; it can block and filter the communication between domain users and Webhogic Server, and can instead user to complete the authentication process in WebLogic Server. Through the system security administrator can centralized and unified manage the users' ID and privilege information in enterprise, so it can help to decline the TCO and reducing the complexity of the ID management in enterprise. And at the same time, the user in active directory domain don' t need to many variety ID information for other applications, making user have better network experience, and reducing security risks.The unite authentication model this paper studied, which provides a solution to achieve cross-platform support to the ID management in inter-network enterprise applications. The system supporting open standards protocol, LDAP v3, has good scalability and platform-independent, can be easily integrated to, particularly those based on Windows Server 2003 enterprise application systems.