Research On The Technique For Role Definition And Customization Of Authorization Role Based On Portal Access

As the window of digital campus, Campus Portal shows a variety of applications to the campus users in the way of Browser. It can eliminate the gap of the applications, and integrate structured and unstructured resources effectively. It also provides the unified entrance for the resources, holistic security mechanisms and uniform management for the users. Then it provides personalized service according to the difference of user roles and permissions. Therefore, during the construction of the Campus Portal, user management and permission access will be the important technical elements. As a sub-project of the basic research under the background of the digital campus construction, the purpose and significance of this dissertation is to realize unified user identity management on the base of LDAP directory service; to explore a Access Control System which is based on the roles by the introducing the concept of the role; to provide good information management services for the digital campus; to promote the cooperation and resources communion of the campus applications.Firstly, this dissertation analyzes several access control models which are popular currently, and does research for LDAP directory service thechnology. On this basis, by analyzing the requirements and targets of the access control which will be faced during Portal construction, an extended role based access control model is proposed. Starting from the characteristic of the school organizations, the concept of the quarter and task are brought in the new model. Moreover, users' attributes and objects'characteristic are taken under advisement in the new model. In a word the new model is implemented as a flexible and secure access control model.Secondly, basing on the extended access control model and Oracle directory service technology, the solution for uniform identity authentication and access control authorization is proposed in this dissertation.Finally, from the viewpoint of realization, this dissertation analyzes and researchs the Oracle AS Portal architecture and related technology. In the end, a Struts application based portlet is implemented, and this portlet is integrated with Portal.