[1] SONG Peng, YU Jin-shan. CAS Single Sign-On Technology for Integration of Enterprise’s Application System[J]. Journal of Huaqiao University (Natural Science), 2009, 30(3): 351-353. [doi:10.11830/ISSN.1000-5013.2009.03.0351]

CAS Single Sign-On Technology for Integration of Enterprise’s Application System

Journal of Huaqiao University (Natural Science) [ISSN: 1000-5013 / CN: 35-1079/N]

Volume:
30
Issue:
No. 3, 2009
Pages:
351-353
Column:
Publication date:
2009-05-20

Article Info

Title:
CAS Single Sign-On Technology for Integration of Enterprise’s Application System
Article ID:
1000-5013(2009)03-0351-03
Author(s):
SONG Peng (宋鹏), YU Jin-shan (余金山)
College of Computer Science and Technology, Huaqiao University, Quanzhou 362021, China
Keywords:
single sign-on; enterprise application system; identity mapping; central authentication server
CLC number:
TP311.52
DOI:
10.11830/ISSN.1000-5013.2009.03.0351
Document code:
A
Abstract:
To meet the single sign-on needs of enterprise application systems, we propose a single sign-on solution based on a central authentication server (CAS) to integrate Web applications. In the system, an authentication manager manages the authentication executors through the chain-of-responsibility pattern. HTTPS is used between the client browser and the authentication server, and HTTP is used between the authentication server and the platform application server. When a business system is accessed, all related information is passed using a combination of timestamps, encrypted signatures over key information, and a Secure Sockets Layer (SSL) encrypted channel. After automatic authentication completes, the business system can decide, according to its needs, whether to continue over the SSL encrypted channel. This guarantees the confidentiality and authenticity of the information passed during single sign-on while balancing the security and efficiency of access to the business system.

Memo:
Supported by the Natural Science Foundation of Fujian Province (A0810013)
Last Update: 2014-03-23