| Enterprise applications refers to applications and solutions that deployed for commercial organizations and large enterprises. An ideal enterprise applications platform should be upgrading easily, reliable, safe, and have a flexibility architecture.J2EE(Java 2 Platform Enterprise Edition) is an architecture that defined the standard for developing platform independent, secure enterprise applications.J2EE security mechanisms provide a wide range of security services for application system which based on J2EE framework. However, these mechanisms still have some shortcomings, so that can not satisfy user needs in the process of convenience development. Acegi security framework not only be compatible with J2EE security mechanism, but also can meet the business users' development needs in the agile development aspect.Acegi is a security framework based on Spring AOP technology, it works independently against business logic of the system and can provide security services deployed. Acegi can be intergraded with mass Web frameworks perfectly. So we can establish Acegi security system in the enterprise system based on J2EE and provide authentication and authorization services.The main work is as follow:First, introduce the J2EE security mechanism and analyses its shortcomings.Secondly, analyses and research the theory of RBAC(Role-Based Access Control).Thirdly, deeply research authentication and authorization mechanism which is offered by Acegi security framework.Finally, the application of Acegi security framework in "Training Management System" , analyses the shortcomings of Acegi and improve it. |
PDF Full Text Request