With the development of network technology, the increase of application services makes the enterprise network management and security more and more complex. So, the enterprise portal needs a high performance system for identity authentication management. The directory service has good characteristics such as distributed, hierarchy, object-oriented and easily to be augmented. Therefore, it can be applied to information published, network equipment management, network application management and network safety systems.In the first part of this thesis, the concepts of directory service are introduced, which include general situations of X.500, basic concept and characteristics of LDAP. And then, directory is compared with file system, DNS, and others. The four models of LDAP are analyzed. The system of unified identity authentication is emphatically designed and implemented based on Gentoo Linux 2.6 platform. The design and implementation of the system are discussed in detail. The system can keep basic user information, such as user-name, password, purview, in the same directory. Thus, all the application servers use the user information in the same directory. By using this manner, the problem of disagreement and larger maintenance burden can be solved and the system security can be improved. |