Research And Application On Secure Sso Technology Based On Cas Protocol

A number of heterogeneous systems have been built at different stages of Enterprises Informatization.They have independent mechanisms of security authentication and user management,which hinder applications integration.Single Sign-On (SSO) can help the user access the limited resources in multi-systems with only once login and authentication not many times.In the process of SSO user's security information is converted into digital identity and delivered into multi-systems.SSO can improve work efficiency and security.Central Authentication Service (CAS) protocol is an open source protocol designed by Yale University.In the aspect of security,SSO based on CAS uses tickets of high security to authenticate users and applications without user information transferring in systems.In the aspect of applicability,it supports many clients such as Java,Perl,Jsp,Asp, Php,Apache andPAM module to make applications integration easier. It is being widely used in most university,scientific research institutes and some companies.Meanwhile the CAS protocol is being constantly extened and perfected.In this paper SSO based on CAS protocol is used to intergrate some systems such as BBS,Blog,news comments and house information in an actual information portal.Main research content and solved issues are as follows:1.Study the basic theory and key technologies of SSO.2.Study the CAS protocol and it's authentication flow.3.Bring forward the SSO model based on CAS and implement it. Expand the function of CAS to implement user management, role management, permission management, application management, log management and RBAC.4.Analyze the changes in permission policy,implement central authentication and SSO,bring forward the improved solution for sign-out management.5.Summarise the deployment solution of CAS server and the intergration methods of CAS client. Make the application analysis for SSO based on CAS protocol.Practice has proved that the SSO based on the CAS protocol has high security, reduces the system integration complexity and has high enforceability and expansibility.So the SSO solution based on the CAS protocol has great practical value.