Research And Implementation Of Campus Network Of Unified Identity Authentication System

With the rapid development of campus informationization, many traditional stand-alone application systems are gradually transformed into a Web application system, and each Web application systems are independent of each other, and has its own authentication scheme. User need to log in to each application systems, to enter the corresponding application system user name and password, the same user, but have more than one user name, password, user greatly inconvenience caused. After login and application systems, can handle only the content of the application system, information cannot be Shared with other application systems. Administrators to manage user information, not only to repeat operation in different application systems, and the need to manage several integer times of application system user entries, management workload is very big also. For colleges and universities information construction, a large number of repeat, again not consistent user information, also is not favorable to the development of colleges and universities has profound.Within campus network is unified identity authentication system based on campus network authentication and authority of each application system way each are not identical, will be integrated in the form of authentication and authorization allows all users to login through a unified identity authentication system, again according to their assigned permissions, you can access are allowed to access the application system, without having to remember multiple user names and passwords.This paper analysis the existing way of identity authentication, both at home and abroad combined with the Kerberos protocol model and single sign-on technology principle, using technology and the session cookie technology as well as the authentication token mechanism, put forward a kind of based on users, roles, permissions, and combining the resources of unified identity authentication system, using the LDAP directory server storing user information, using the authentication server for user authentication and authorization, using Web Service technology, implements the unified authentication Service based on Web application Service.