| Single Sign-On system can realize that using a pair of username and password to login. Then we can jump from one application system to anther transparently. Also we can realize the unified user information management. System administrator only needs to maintain personnel information. Changing information can be synchronized to all applications through the platform interface. Single maintenance of personnel system to achieve company-wide synchronization changes. This will greatly improve our working efficiency. But traditional single sign-on systems rely on the browser's cookie to mainta- intain user's authentication status information. Due to browser cookies can not be transmit- ted between different DNS, the authentication information in cookie can not be passed from oone domain to another .Yale CAS single sign-on system as a traditional single sign-on system with simple, fully functional characteristics and so on. But it also based on the cookie implementatio- n implementation that remains the traditional shortcomings of single sign-on system. At the same time, the login method is based on the username and password, with a certain degree of security flaws and is not convenient. Therefore, how to use CAS to achieve cr- oss-domain single sign-on system is focused on this article. The main work of this article are as follows:1,Through in-depth research on CAS and SAML, using the similarity certification of both principles to study how to combine CAS and SAML to resolve the problem of cross-domain that CAS can't be dealing with.2,Analysis CAS'authentication based on username and password,discussing its security. Using of biometric features, designing model to realize biometric authenticatio- n. While taking advantage of biometric features, analysis of the feasibility of changing t- he traditional authentication.3,For CAS'inherent defects, designing and coding a single sign-on system to achie- ve the support for SAML, biometrics and apply to Liferay portal system . |
PDF Full Text Request