| Today, with rapid development of information technology, business and government information systems are being continuously improved, more and more systems such as financial management system, customer relationship management system, personnel management system,etc, are being added to the sequence of digital office. Since each system uses a separate authentication to authenticate users, which brought a lot of inconvenience to users and system administrators. So there is an urgent need for a unified management solution for all applications, which allows users to log in once and achieve access to all systems those they have permissions.In this paper, through the analysis of existing mature single sign-on system and detail research for serial technology that needed for single sign-on system, we clarified the basic functions of a complete single sign-on system needs to be achieved. After detail analysis and discussion of customer need, we get to know the work need to be done during integrating sub-applications. Base on the demand of customer, we build the basic mathematical model. After that we come the stage of detail design of different system modules. In this stage, we draw flow charts, get detail class design, and get detail database tables based on these classes. During the implementation stage, we choose B/S pattern, use LDAP as lightweight database server to store and manage user information, choose MySQL database to store and manage subsystem information, auditing information and digital certificate information. What’s more, we use digital certificate authentication technology to enhance system security authentication and use digital certificate-based technology to enable communication security between SSO system and major subsystems. Digital signature certificate client module is implemented as an ActiveX IE browser plug-in, so that pages can easily get digital signatures. Based on above technology we successfully implement a comprehensive single sign-on system and it works fine. |
PDF Full Text Request