Single Sign-on (sso) And The Research And Implementation Of A Unified Identity Authentication

With the continuous development of network technology and information technology,enterprise information construction has been more and more in-depth, and the enterprise hasbeen building more and more application systems. Each application system, however, has itsown independent identity module. Users in the use of each system are not only required log in,but also need to keep in mind the large number of user name and password. It will increasethe burden of the user, and in addition to the traditional independent certification system isbased on the user name and password, so users generally use a single password for simplicity.This is likely to result in the attacker damage which reducing the security of the system.Therefore, there is an urgent need for integrating these applications, which realized unifiedmanagement and unified certification. This will not only simplify the user’s login process, butalso enhance the security of the system.In this paper, on the reading and analysis of a large number of materials, we design auniform identity authentication system according to the practical requirements. The systemuses an LDAP directory server to store user information and application systems, and to reachunified management and unified authorization of user information and system resources,which reduce data redundancy and improve resource utilization. Single sign-on module ismainly based on the different structure of the system the application. Different pseudo-singlesign-on program has been proposed in the single point of login module according to thedifferent structure of the application system, which enables the users only need one time tologin in when they enter the portal system will be able to access all the application systemwith the appropriate permissions. In terms of safety, we use the Kerberos authenticationmechanism for unified authentication of user identity.This paper analyzes the Kerberosprotocol defects, and proposes improvement programs of Kerberos protocol, which improvesthe security of unified authentication of user identity.After the implementation of the single sign-on and unified authentication system,companies can integrate all enterprise application system resources. The system not onlyconvenient the operation of users, but also reduces the maintenance cost of the entire system.