Research And Implementation Of Unified Identity Authentication And Authorization System For The Park

The development of network technology and information technology significantly promote the process of enterprise information construction, the number of application systems within the enterprise continues to grow, yet each application has its own independent identity authentication module, users need to remember a large number of login passwords, it brings users a poor user experience, integrating these application systems to achieve a unified authentication and management is imminent. And if the third-party application system wants to obtain user’s account information it must authenticate the user’s legal status through the user’s private certificate, so the user must reveal his / her private certificate to the application system, and user can not restrict the application’s using permission about user’s account information as a result, this way is inconvenient and have many security problems.Connecting with the applications’ actual condition, a design strategy is put forward in this paper, we combining OAuth2.0 protocol and JA-SIG CAS protocol to solve said problems, designing and implementing the unified identity authentication and open authorization scheme which is based on MVC and SSH framework. In this scheme, CAS protocol focuses on the user’s unified identity authentication, and the OAuth2.0 protocol focuses on users authorization for the third-party applications, so the unified identity authentication and open authorization system based on this scheme can realize a unified identity authentication to the park users and the third-party applications can have access to the basic user information through the user authorization. The centralized management to the user authentication and authorization simplify user authentication process, reduce data redundancy and the risk of user private certificate leak, enhance the safety and reliability of the system in the park.Aiming at the CAS protocol and OAuth2.0 protocol, this paper gives a clear explanation of the whole protocol process and the roles, state how to integrate CAS and OAuth2.0, the core configuration and source code is declared, analyze the protocol participants in detail and build a unified identity authentication and open authorization model, on above foundation we design and implement the unified identity authentication and open authorization system. After the system deployment, it can integrate the enterprise application system resources, either greatly improved the user experience, or increased the security of application system, this system reduces the maintenance cost of application system in enterprise.