| Identity authentication is a very important factor on network security technology, which be used on different application systems by a lot of universities. However, with the more using of application systems, the more problem be appeared. We have to remember lots of passwords. Some teachers living out of campus do not browse and login some useful web page because they have not a legitimate identity. The basic information about teachers and students have a great deal of variance in different application systems. There have not Unified Authentication and Authorized Architecture when you append a new application.Setting up a Digital Campus is a solution to resolve above problems as while as is a development direction, which including portal, data integration, Single Sign-on, Privilege Management and so on. The Unify Identity Authentication scheme is the chiefly need to realize.This article introduced the Digital Campus construction of our college. We choose LDAP to save the users information about the Digital Campus System, at the mean time realize the Unify Identity Authentication Service. Having done a lot of research on the Single Sign-on theory, using the Session and Cookie technology and Token mechanism, we realized the Single Sign-on of multi-web -applications. We adopted the SSL encryption technology to meet the requirement on security.We realize the Privilege Management based on the users, the group, the role, the privilege and resource. We sufficiently take into account the old web-application systems and overcome the shortage on the access control. The user by means of the role access the web-resource, which can reduce the complexity on authorized management and can provide a well management circumstance.In addition, we take the distributed component technology of EJB (Enterprise Java Bean) to guarantee the well portability and expansibility. We adopt the Web Service technology basing on the XML technique to resolve the mutual operation among the different systems. |
PDF Full Text Request