The Design And Implementation Of Multi-Domain Single Sign-On System

Single Sign-on Technology (SSO) occupy a very important position in the enterprise information process. In the face of an increasing number of enterprise applications, SSO has not only improved the overall security of enterprise systems, but also enhanced the speed at which the staff and other users access the system, so that greatly improving the efficiency of the work.In this paper, firstly, the existing Single Sign-on Technology has been studied fully. Additionally, a variety of models to be realized have been examined. Finally, after referring to varieties of domestic SSO products, the conception of Multi-domain Single Sign-on (MSSO) has been proposed and the prototype system has been designed and implemented. MSSO is to link a number of SSO system to form a huge network. In this network, the users can not only sign on one single sign-on system but also can do the same things between different systems. One single sign-on system is named the single sign-on domain, which is the conception of the domain in MSSO. The traditional single sign-on system will generally be divided into two parts, agent certification and authentication server. In order to implement the idea of multi-domain, the SSO module of the system registry is added to. The ultimate system includes three parts, that is SSO registration center, domain authentication server and authentication proxy. SSO registration center for the preservation and transfer all domain SSO authentication server domain information, is the top multi-domain single sign-on system control module. Domain authentication server module and the single sign-on system is similar to the authentication server module function, except to add some extra function of adapting multi-domain environment. Authentication Proxy Authentication Module protects the Web application that can be visited after the users signing on.This paper introduces the concept of a single sign-on, and the current single sign-on technology development. Secondly, it introduces some technologies about Single Sign-on, including security encryption technology, SSL and HTTPS protocols and Session technology. Thirdly, single sign-on system design, system structure and working principle have been discussed in detail. Finally, the goal of research in the next step is proposed.