Design And Implementation Of Web-Based Identity System

With the development of modern information technology, the demand of information technology which is aimed at enterprise development, is growing speedly. In order to expand the scope of the business partners, and reduce transaction costs, speed up the Enterprise information construction, the company paied heavily in information systems development and application information systems. However, the local applications which are responsible for there own are independent of each other, the information can not be shared, to become an "information island" can not meet the needs of enterprise business processes. the user who want to get more information would have to deal with the various applications, operation is very complex, and this is waste of time and effort, so inter-enterprise application integration for enterprise information technology is inevitable. Today’s international enterprise information applications put more emphasis on the integration of the various resources of internal and external technical means to the seamless integration and collaboration. With the establishment of a united authentication management platform,the company can resolve problems of the "information islands", and effectively link the functional modules of the various enterprises, finally can maximize its effectiveness.WebService technology as a technology of integrated application can give a chance to the company which can choose the platform to develop their own applications, and in order to seamlessly connect to each other company only need follow a pre-agreed web service interfaces The various business campanies begin to use the WebService technology to upgrade the old information system to achieve the integration of inner the enterprise systems,., however, companies also found some other problems,Each application has its own user certification system and. The user may have multiple accounts in multiple systems, it make users have to remember more than one account number, login password. Use these systems to enter account numbers, passwords and other information, the operation is cumbersome. Sometimes in order to facilitate the usage, the user will reduce the password strength. this will bring serious harms to the user information and system security. Therefore, we need a efficient authentication service system which can be used in a distributed environment,, to ensure the safety of the enterprise application integration systems, to solve the user authentication problem encountered in the integration of this application.This page is designed and implemented a WebService and SAML technology-based authentication services. Paper gives a view of the usage in related technologies and authentication services design. WebService and its related security, analysis of the Saml two models, focusing on a handshake and token authentication process to obtain the certificate of authentication own set of security technology solutions will be discussed,and apache platform authentication services based on the safety of WebService development and implementation of methods, including services to provide prescription services to access the interface definition and development, service description, service deployment, service releases, and the client calls the service part of the specific design implementation, and testing and deployment will be detailed discussed in. In the implementation of various application systems integration to Web services-based application, you can use the unified management of the authentication service, The services are loosely coupled, language-neutral, platform-independent, open features, integration of application systems. The old system can give up their original identity authentication system, the new system does not have its own authentication system, use the new authentication services to achieve user authentication. Another security program proposed in this paper, the authentication service itself has played a protective effect, shielding other companies or individuals outside of the enterprise application integration system on the visibility of the unified authentication services.