The Unified Identity Authentication System On Campus Based On LDAP

With the rapid development of computer science and internet technology, there is agreat achievement in the construction of Application and Management System on campuswith the characteristics of large quantities and powerful functions. However, the individualoperational system, duplicated data information and different data format lead to the failurein data sharing, and finally result in the fact that repeated logins are required due to multiplesets of accounts and passwords in each system. Under this circumstance, this article hasproposed the scheme of the Data-centered Unified Identity Authentication which has beencarried out in a certain range and has made some achievements.The Data-centered Unified Identity Authentication System establishes a unifiedidentity database as its data source and implementes login via the portal system. Meawhile,the System establishes the framework for the unified identity authentication andsynchronous management and builds up the unified authentication center (CAS) on campus.Through authentication and authorization by this center(CAS), resources are managedeffectively when visited by users, which will improve the security and pertinence of thesystem. There are several function modules including unified authentication gateway,customer management, resource management, role management, authorization management,institution management, log management, etc..Unified Identity Authentication System accomplishes the authentication through LDAPdirectory server. The system stores user’s name, code, role and other information, and thendelivers the information to the LDAP directory server by the dedicated interface. After thesynchronization is realized by the reliable mechanism, the unified authentication of allapplication systems is processed by the LDAP directory server. LDAP directory server ischosen because of its powerful inquiry ability, high compatibility, strong extendibility, goodsecurity, and also low cost. What’s more, it’s an open source system.The original operational systems will be kept, but the authentication will be integratedto the Unified Identity Authentication system through secondary development. And thesecondary development will be achieved by using ASP.NET programming and the UnifiedIdentity Authentication integration will be implemented in the library management system which is chosen as one example. And the integrations in other operational systems will berealized by the same method.The Data-centered Unified Identity Authentication System has already been appliedand has performed effectively in Guangdong Technical College of Water Resources andElectric Engineering.