| With the rapid development of IT in the area network and the Internet, there are alarge number of application service because of these application services belonging todifferent organizations and individuals, and these different development andoperation,It varies in the implementation of the business process functions andimproving the enterprises’ operational efficiency, product and service innovation, avoidthe risk areas and so on,and is not conducive to the stability of the enterprise, and thelong-term development.According to the the company’s information construction status and actual needs inDeparture from Urumqi Branch of China Life Insurance, achieving seamless integrationand sharing of information resources and solving the enterprise user identityinformation silos full research and demonstration, It put forwards a J2EE-based unifiedauthentication management system framework designed to achieve the purview unifieduser management and unified authentication, unified authority control, one-stop login,unified application interface personalization company within the integrated system,unified management.The system compared with other access control systems, which has maintainability,strong cross-platform, security, and easy management advantages. User managementmodule designs metadata model and the directory tree structure based on a unifieddirectory of LDAP protocol,which achieves the effective unified management of useridentities; In the identity certification, the original application system user identityauthentication module unified identity management system authentication to take overand replace the certification process, Higgins framework, CardSpace, cryptography,PKI technology based on the WS-Trust protocol to guarantee the integrity of thecertification; the technology based on Higgins framework, Windows CardSpacetechnology and the combination of the Security Assertion Markup Language (SAML)implements single sign-on from the consideration of combining manageability, securityand ease of use;To facilitate the authorization management,this paper use organizationalstructure with a hierarchical License combined with the company’s organizational structure as well as to facilitate the authorization management; in systems integration, Ituses fully angent and plug-in technology,in order to effectively reduce the impact on theoriginal business systems and the network bearer,and achieve the design requirementsof the initial performance. |
PDF Full Text Request