Design And Implementation Of Security Authentication Architecture Based On Microservices

The underlying monolithic structure used by traditional application systems has many defects such as slow development,difficult maintenance,and poor scalability.Moreover,the security authentication architecture of system integration also has the problems of complex concept,complicated configuration,and excessive coupling with specific business scenarios.Thesis mainly aims at the problems existing in the underlying structure and security authentication architecture of the above application system,and adopts the concept of microservices to design and implement a refined,lightweight,and pluggable security authentication architecture.Through the design and implementation of a micro-service authentication management platform,on this basis,realizing the functions of authentication,access control and session management modules in the authentication architecture.First of all,according to the software engineering design and implementation specifications,thesis conducts in-depth research on the underlying architecture selection and security certification concepts in the application system development process,extracts and summarizes the pain points and requirements of the existing architecture.The Java language is used to design and implement the security authentication architecture based on microservices,and the interfaces and classes of the authentication architecture are designed by adopting the idea of the single responsibility and open-close principle,so as to improve the robustness and scalability of the architecture.(1)The authentication module supports password authentication,crossauthentication and single-point authentication.Password authentication provides static form authentication,dynamic verification code authentication,and one-time password authentication.Cross-authentication provides OAuth2.0 authentication function.Singlepoint authentication provides shared cookie authentication,redirect authentication,and HTTP assisted request authentication.(2)The access control module supports three access control modes: role-based access control,coarse-grained and fine-grained.Role-based access control provides user management,role management,authority management and client management functions.Coarse-grained access control provides token bucket access control.Fine-grained access control provides default matching,value matching,target matching,and exclusion matching capabilities.(3)The session management module supports two session management methods:session state management and session behavior supervision.Session state management provides session query,session deletion,session change and session storage functions.Session behavior monitoring provides session behavior monitoring and session timeout control functions.Then,through the design and development of a micro-service authentication management platform,it provides core functions such as registration discovery,service gateway and authentication,and completes the development and implementation of the above three modules on the basic platform.Finally,multi-dimensional functional and non-functional tests are carried out on the microservice authentication management platform implemented based on the authentication architecture designed in thesis.The test results are in line with the design expectations and show better performance.