Based On The Ldap Unified Authentication System

The level of information construction has become an importance for evaluating the comprehensive strength of a country or a region. For running business properly ,users have to login different applications with different accounts and passwords. Considerate the security aspect,the authentication of users is a required part of each app1ication. Due to the independent attribute of each application,users often have to login and logoff for visiting other applications. It is a challenge for nowadays authentication system to provide a solution to simplify the processing of user's logins and keep security of each application.According to the requirements of NanJing city resident card project, a unified identity authentication system is introduced in this paper. First, existing identity authentication mechanism is described in this paper, and the Kerberos(Network Authentication Protocol ) authentication mechanism is importantly studied, the advantages and disadvantages of the Kerberos(Network Authentication Protocol) protocol is analyzed, and the advantages of ECC algorithm is analyzed, then an improvement Kerberos ( Network Authentication Protocol ) unified security authentication solution is proposed to password guessing attacks and replay attack, thereby it improves the safety performance of the system. Secondly, in this system the distributed properties of LDAP(Lightweight Directory Access Protocol) is used to organize user information which is distributed in different application, and XML(Extensible Markup Language) and SOAP(Simple Object Access Protoco) technologies are adopted to implement data exchange between heterogeneous databases. It largely simplified the communication between various application systems and authentication service center, reduces the difficulty of system accomplishment Finally,the heterogeneous system integration technology was analyzed in this paper and Webservice Technology was used to implement Integration Application General Registration Interface,and the problem of information island was solved.On the basis of these studied problems,a Unified Identity authentication system framework based on LDAP(Lightweight Directory Access Protocol) is presented. In additional, the system can be integrated easily, so that it can lower the cost management. With the unified identity authentication system being gradual and perfect, it will play an important role among the information safe system of resident card or relative realms, and network management will be more secure and effective.