| Modern information network technology has become increasingly popular, we have anywhere, anytime using a variety of application services, social networking, office OA, mail service, and so on. Almost all applications have a security policy, the most common is the demand for user to enter their user name and password. Associated with the passage of time, people began to use more and more systems, and thus be more and more need to remember user name and password. This greatly increases the likelihood of errors, while increasing the likelihood of password disclosure, system security is thus becoming increasingly weak.When the user forgets the password can not continue to use the work, but also need to trouble administrators to help resolve. Pending process, the waste of work time, reduced work efficiency, but also increase the workload of the maintenance personnel. In order to avoid this, many users began to simplify the certification process or to facilitate memory, the user begins to use weak passwords or use the same password across multiple systems, or even simply to create a list of passwords, these acts seriously threatening the company’s information the security and confidentiality.So it was suggested that the concept of single sign. Provide a unified single sign-on authentication interface, so that visitors only need to enter a login information, you can have permission to access different applications, without having to log in again each system eliminates the need to duplicate log cumbersome to improve efficiency, reduce maintenance costs, and enhance the company’s overall security and confidentiality.And actual work needs of the current implementation of the project, now mainstream open source single sign-on system framework and protocol design, to compare their respective advantages and disadvantages. From the point of view of the actual needs of the project, and ultimately select CAS single sign-on system developed at Yale University as the prototype, its profound study and explore the depth anatomy and analysis of the CAS system is a single point of system architecture, design principles. Through practice, the the existing actual production environment successfully deployed a central authentication server; then provided under CAS authentication module interface part of the system on the the existing actual production environment integration and the transformation of the existing system success achieve single sign-on, and made certain. |
PDF Full Text Request