The Design And Implement Of Unified Identity Authentication Platform Based On Campus Network

As the development of information technology and network technology, various kinds of network-based applications are taking on. Users should log in different information systems every day, each system will require users to follow certain safety strategy. As the increasing of the system, the possibility of error will increase and security will be reduced accordingly. When these security risks gradually reflected, the administrator must increase the security measures. These measures have reduced the system's availability, and the complexity of management will increase.Therefore, the market made such a demand: all authorized network resources can be seamlessly visited based on the user's first visit by a network authentication. Thereby it enhances the user network efficiency, reduces network operating costs and increases network security.SSO, literally translated as a single sign-on, more explanation is the image of the"single point of login, the entire network roaming". In other words, systems with the same domain names can share the authentication information. SSO standard definition: in a number of applications, users only need to be logged on a visit to all trust applications.SSO is the more popular of business integration solutions, its mechanism users can visit all authorized network resources seamlessly without repeatedly entering their authentication information. SSO can enhance the user network efficiency, reduce network operating costs and increase network security, and reduce the probability of system errors.Unified Identity Authentication platform uses hierarchical, holistic view of the implementation of campus information technology. Through the application of the system closely linked to the realization of campus information sharing, information dissemination and information services, it improves the quality of teaching, the level of scientific research, management, entertainment level. The project's goal is through a unified portal and a unified identity, many applications are unified into a portal platform. Users can use a large number of systems by single sign on.After SSO integration, users only need log on portal using portal account. Then users can visit the integrated business systems. Users do not need visit other system login page because it is not actually according to conventional visit processes. If the system restricts the login process, we should modify the system before the integration.Unified authentication platform adopted by the SSO technology has two major, web service and single-point roaming. The protocol here is WSDL. WSDL is"Web Services Description Language,"the initials is to provide a description of the Web Services standards. It is the Web Services Definition Language.Compared to other enterprises' SSO, the SSO programs most prominent feature is a guarantee to keeping various systems independent. In campus, every system exists in the distribution of offices. They are managed by different administrators. So a unified account management is not realistic. Focusing on the characteristics of the school, SSO application platform is not only to provide a platform logged entrance, but also to keep the entire system origin login entrance existing. Account management in the various business systems retain their existing Account program, Campus Information Platform builds a map table for existing account.This program does not change the status of campus information system more. Various system administrator duties need not be any big changes. Campus Information Platform administrator can easily maintain platform account and the map table between platform and various systems. As preserving the original operating system independence, the two technologies we used are needed in the network transmission. It is different from the generic SSO technology.The technology used in SSO application is general. Web service in particular, is a relatively mature technology. It can be used in the majority language development process. It can use the standard Internet Protocol, such as the Hypertext Transfer Protocol(HTTP) and XML, programmatic functions will be reflected in the Internet and corporate Intranet.