
Java 2 Environment JAAS Research and Implementation

Posted on: 2006-10-12
Degree: Master
Type: Thesis
Country: China
Candidate: L S Chen
GTID: 2208360152998388
Subject: Computer software and theory
Abstract/Summary:

JAAS (Java Authentication and Authorization Service) is a set of APIs provided by SUN corporation to extend the existing Java security architecture, which uses a security policy to specify what access rights are granted to executing code. That architecture, as introduced in the Java 2 platform, was code-centric: permissions were granted based on code characteristics, namely where the code came from and whether it was digitally signed and, if so, by whom. JAAS, by contrast, provides access control based not just on what code is running but also on who is running it. It is user-centric.

The main goal of this project is to design and implement JAAS in the Java 2 environment. As a user-centric Java security architecture, JAAS is composed of seven parts, all implemented in pure Java: an XML login module, an RDBMS login module, a principal module, a callback handler module, a permission manager module, a policy module, and an authentication-authorization utility module.

The thesis first introduces the research background of the project and studies the basic concepts of the JAAS components and the process by which JAAS authenticates and authorizes. On this basis, a design for JAAS is proposed, and JAAS with XML-based and RDBMS-based policy is implemented according to the design plan.

Finally, we present a Web application prototype system based on JAAS to satisfy the requirements of Project - Operating information System of Self-education office of Sichuan Province, which implements authorized access to web pages and to the internal elements of a web page. Tests and analysis of the prototype system show that the implemented JAAS works well and sets a good example for more applications to use JAAS.
Keywords/Search Tags: JAAS, Java Security, Authentication, Authorization