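Abstract
SAML is an important implementation standard for Web single sign-on and provides a secure and convenient form of identity authentication. Where electric power information application systems adopt a software system model based on an integrated application platform, SAML single sign-on becomes an effective technical guarantee of system security and ease of use. Users of the electric power integrated application platform are divided into two levels, provincial and municipal. The article introduces the management structure for application resource information, a role and permission management strategy in which role permissions are audited and approved from the top down, and identity authentication in the form of SAML assertions. On the basis of a unified directory tree of user and application resource information, it analyzes and designs user role permission management and the SAML authentication process, and implements single sign-on.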
SAML is the key standard of Web SSO, which can provide a safe and convenient authentication mode. By selecting the software system pattern based on the integrated application platform for electric information application systems, SAML SSO can be an effective technical guarantee for system safety and facilitation. This paper introduces the structure of the application resource information management system, the strategy of role management in audit and approval from high to low level, and identity authentication in the form of SAML assertions. The user's role management and the process of SAML authentication are also analyzed and designed based on a uniform information directory tree of users and application resources, and then SSO is realized.
Source
《电力系统通信》
2007, No. 10, pp. 43-46 (4 pages)
Telecommunications for Electric Power System