Design And Implementation Of CAS Single Sign On And The Unified Identity Authentication System Based On

With the rapid development of Internet technology, enterprise informationization construction has a rapid development, the enterprise to establish the various business system, providing a variety of services, such as office automation(OA) system, financial management system, file management system, information query system, etc..But in the service system construction for each array, there is no unified application platform interface, the application of the entrance are not unified, not uniform interface, the user name and password are not unified, the authentication mode is also different, which makes the user in a user name and password in the pile, and the need to switch between multiple application system, different users can when repeated login, very inconvenient, while increasing the complexity of the authorization management, also makes the management and the maintenance cost is very high.So, should establish a unified identity authentication system, so as to realize the unified user management, unified authentication, unified authorization, and users in the work only when the login once, when switching to other systems do not need to log on again, namely "one login, system full roaming network".In this paper, a comprehensive study of the unified identity authentication and single sign-on technology theory, based on the user memory in use multiple sets of user name password, repeat login problem, design the solution higher suitability, platform, easy coupling lower unified identity authentication model integrated with the old system.Taking CAS(Central Authentication Service) as the foundation, this scheme is practical in the specific application, the feasibility and efficiency of the verification scheme. Main research contents:1. Cookies technology, filter technology, Redirect Redirect technology, Spring’s WebFlow streaming technology;2. Multiple applications legitimacy uniform testing system users, system users unified management authorization, single sign multiple applications;3. Certification Center user multiple authentication methods, such as password authentication, digital certificates, etc., and can be flexibly switch configuration;4. LDAP and CAS application integration, and push or pull way to achieve data synchronization;5. CAS for Java,. Net, PHP and other different client environments(B / S structure) for seamless access to configuration;6. CAS proxy authentication application in the portal, the portal system data integration with other applications carry agent notes(Proxying Ticket) to unify Certification Center;7. In our project specific example, the design and development process to achieve a unified identity authentication system and single sign-on functionality. To achieve the ultimate goal:1. Multiple application systems legality uniform testing;2. System-level users unified management authority;3. Multiple applications to achieve single sign-on system, that once logged in, the whole network roaming;4. Achieve a variety of authentication methods flexibly switch configuration, such as password authentication, digital certificates, etc.;5. Flexible configuration to achieve a variety of client, such as Java,. Net other environmental seamless access;6. Achieve portal proxy authentication(portal proxy backend systems to Certification Center).