The Design And Implementation Of Multi-Domain Single Sign-on System

In recent years, single sign-on technology developed rapidly. As people become more and more familiar with the network, and have an increasingly wider field of vision, people use more and more single sign-on systems. These single sign-on systems all belong to different companies, and their authentication systems are independent of each other, whether for technical or interests or security considerations. For users, although single sign-on systems to some extent alleviated the burden of its customers. However, users that use different single sign-on systems still have to remember and input user names and passwords. Security problems have not been fully resolved.Multi-domain single sign-on system can solve this problem to some extent. In multi-domain single sign-on system, each domain represents an independent single sign-on system. Multi-domain single sign-on system could implement unified authentication and single sign-on between these domains, so as to give full play to the advantages of single sign-on. Based on the analysis of domestic and foreign available single sign-on systems' model and its advantages and disadvantages, design and implement a multi-domain single sign-on management system, which applies to the network applications at present. The system is divided into four parts. That is single sign-on register module, single sign-on domain authentication server module, application service module and security module. Register module is responsible for coordinating the relationship between the communication link between the domain and domain. Single Sign-on domain authentication server module is the core of user authentication in every single sign-on domain. Application service module is the web service provider. Security Module is responsible for ensuring the security of the entire system. The system has excellent compatibility, platform independence, scalability, and low cost.This Paper first introduced the multi-domain single sign-on system in the background. Then the single sign-on related technologies, including encryption technology, identity authentication technology, unified authentication, authorization technology and other related technologies. Analysis the existing single sign-on system models and the development of the domestic and foreign situation, and then described in detail the multi-domain single sign-on system design goal, system structure and working principle, and the concrete realization and implementation. Finally, discuss how the existing system could integrate to multi-domain single sign-on system.