| The Role-Based Access Control (referred to as RBAC) technology is currently the main technical means to achieve security requirements of Enterprise-class applications.The concept of role is introduced as an intermediate entity between the user and permissions,which can make the process of executing specific policy of protection more flexible.RBAC provides a better environment to implement policy of security for the administrator.The Lightweight JavaEE Technology is one of JavaEE Enterprise Application Development.With respect to the classical JavaEE technologies, lightweight JavaEE application simplifies the difficulty of JavaEE applications.while retaining the classic, high scalability, high maintainability, based on reducing the JavaEE application development and deployment costs.For most small and medium enterprises.it is the preferred application.In this paper,based on RBAC technology and taking Spring MVC+Hibernate+Spring+Spring Security framework.the author designs and realizes the privilege management system,which include two permissions allocation ways based on role and Hierarchical department and can provide the function of permissions management.In addition, take a real Enterprise-class applications for exemple,the permission management system’s effectiveness and flexibility has been verified.The main work of this thesis including:l)Firstly,this paper resareched the relevant knowledge of RBAC technology and lightweight JavaEE technology.which include the model of NIST RBAC,Hierarchical design model,Spring MVC Framework.Hibernate Framework.Spring Security Framework,and so on.2)Secondly,,this pager introducted an Permissions Management System Based on RBAC technology,which involves the actual model of system,system design and implementation and database design.3)Lastly,through an example to validate System,which show good effect. |
PDF Full Text Request