
The Design And Implementation Of Authentication And Authorization System Based On OAuth2.0

Posted on: 2013-08-21
Degree: Master
Type: Thesis
Country: China
Candidate: Y C Zhou
Full Text: PDF
GTID: 2248330395475366
Subject: Software engineering
Abstract/Summary:
With the rapid development of the Internet, more and more Internet service providers share their data and services through open platforms, which attracts more and more 3rd party developers. Unfortunately, every application developed by 3rd party developers usually requires its own account. If these accounts are separate, users have difficulty keeping track of so many accounts. An authentication and authorization system is therefore needed that is secure, reliable and easily supported by Internet service providers. This mechanism is usually called a Single Sign-on system.

However, traditional Single Sign-on mechanisms such as OpenID and CAS have to provide the user name and user password to 3rd party applications. Because the degree of trust between users and 3rd party applications is low, these traditional Single Sign-on mechanisms cannot be used for open platforms.

The OAuth2.0 protocol is the most popular solution for overcoming the difficulty of Single Sign-on mechanisms on open platforms. Because OAuth2.0 is a draft and not a final version, it has many defects that remain to be addressed.

The paper is based on the OAuth2.0 protocol and many common web security technologies. To address some defects of the OAuth2.0 protocol, the paper proposes some new security mechanisms. With these design proposals, and using the MVC design pattern, the popular J2EE platform and a B/S architecture, it designs and implements an authentication and authorization system for open platforms.

First, the paper starts from an analysis of the system architecture, using a hierarchical model to reduce the degree of coupling between the system's layers and to improve the system's scalability and maintainability. Second, key modules such as private certificates, digital signatures and the authentication and authorization functions are analyzed and designed in detail, using SSL protocol communication and encryption and decryption algorithms to improve the security of the system. Finally, once the basic functions of the system were complete, testing tools such as LoadRunner were used to performance-test the system and some improvements were made; the system then passed the tests, proving the correctness of these improvements and ensuring that the system has good running performance.
Keywords/Search Tags: Security, Authentication, Authorization, OAuth