| With the development of Internet, more and more service show in front of users, like cloud service, saas. Web service. As a result, user usually needs to provide different username and password for different services which leads to lots of identity information to keep in mind and inconvenience for user. Especially for enterprise users, they are unable to effectively control employee access to the service. In order to face these problems, Intel developed a single sign-in on solution named ECA360(Intel Expressway cloud access 360). The author took part in this program during internship, designed and implemented part of modules.This paper focus on the project of ECA360, firstly, introduces the problems occurred during login step. And then bring out the definition of single sign-in on. After that, the common technologies for single sign-in on and popular products are introduced. Then, the paper describes the technologies used in ECA360 to implements SSO, including SAML, OpenID, GWT. After introduces the relevant technology, the detail requirement analysis, architecture design and all modules design are given. Finally, the paper describes the detail implementation of two modules, Federation Broker module and Connector framework, which implemented by the author.Federation Broker provides a solution for single sign-in on among enterprise federation which includes the definition and configuration of federation, implementation of single sign-in on as well as metrics of single sign-in on. And Connector framework introduces the way ECA360 communicate with cloud service which named Connector. This describes the creation of connector and different ways to communicate with cloud service for 3 types of connectors:SAML, OpenID, ECAToken which seperatly implements the communication mechanism for the service support SAML, OpenID and Java or.NET web application. |
PDF Full Text Request