基于消息系统的可定制单点登出服务的设计与实现
he Design and Implementation of Message System based andCustomizable Single Sign Out Service
作者:张靖宇(四川大学 计算机学院,四川 成都610064);李志蜀(四川大学 计算机学院,四川 成都610064);陈良银(四川大学 计算机学院,四川 成都610064)
Author:(School of Computer Sci.,Sichuan Univ.,Chengdu 610064,China);(School of Computer Sci.,Sichuan Univ.,Chengdu 610064,China);(School of Computer Sci.,Sichuan Univ.,Chengdu 610064,China)
收稿日期:2006-03-09 年卷(期)页码:2007,39(5):137-142
期刊名称:工程科学与技术
Journal Name:Advanced Engineering Sciences
关键字:单点登录;单点登出;CAS;MSC-SSOS
Key words:Single Sign On;Single Sign Out;CAS;MSC-SSOS
基金项目:四川省重点项目(05GG021-003-2)及四川大学计算机学院(软件学院)青年基金资助项目
中文摘要
在多个系统间如何进行身份认证和授权是企业在部署应用集成系统时面临的问题之一。现有的SSO(单点登录)认证模型为多应用集成系统提供了统一的认证入口,但是该模型面临另一个影响系统安全性的问题:单点登出的认证管理。本文提出的单点登出认证模型MSC SSOS (Message System based and Customizable Single Sign Out Service)基于Java Message Service消息机制,通过设计消息总线集中完成安全管理,业务定制,消息持久以及负载均衡多种服务。并将耶鲁大学SSO登入认证模型——CAS与模型MSC SSOS进行整合,应用于在线服务系统,在每日访问量超过400000 Pages的在线系统中展示了其安全、稳定、高效的特点。
英文摘要
Single Sign On (SSO) provides uniform authentication entrance for multi application integration system, but has a security issue on which it normally does not focus— authentication management in Single Sign Out. A Message System-based and Customizable Single Sign Out Service —MSC SSOS integrating Yale ITS CAS into a multi-application online service system, was designed and implemented. Many services such as security management, business customization, message persistency and balance loading are provided through a message bus. MSC SSOS demonstrates characteristics of security, stability and efficiency in the online system which is visited by more than 400000 pages a day.
【关闭】
