Research And Implementation Of Unified Identity Authentication In Multiple Information Systems

With the rapid development of the Internet, more and more information systems have bee(?) generated. The mainstream of information systems is based on the model of B/S. Every informatioi system has its own authentication module and access control module. As a result of the independen modules, the access to each information system needs a separate login by the users of the information system. Duplication of login process and a large number of authentication informatioi to memory make users feeling inconvenient; besides, redundant authentication informatioi increases the cost of management.So Unified identity authentication in multiple information systems in this paper comes inte being in order to solve above problems. It has two major tasks which are unified authenticatioi (Single Sign-On) and role and access control. Single Sign-On (SSO) means the users only need te login successfully once when they first access the resource, then can access all the resource(?) without re-authentication. The single sign-on system to verify their identity is not known by the users of information systems. Authentication process which is implemented by the redirection technology is transparent to the users of information systems. Unified identity authentication i(?) multiple information systems in this paper is for the information systems which are based on the model of B/S. The unified authentication module uses Yale’s CAS SSO model from a Java oper source project as the core while the role and access control module is based on RBAC.The work of this paper mainly includes the following aspects. First of all, it elaborates the concept of Single Sign-On (SSO) model and the critical technology and knowledge to build the system. Then it discusses the architecture and authentication process of Central Authenticatior Service (CAS). At the same time, it elaborates how to use CAS to implement the unifiec authentication module. Finally, role and access control module is implemented by the frameworks such as Spring, myBatis, ExtJS. This system is divided into the presentation layer, business logic layer and data persistence layer in order to guarantee the loose coupling of the system.