摘要
随着全球网络化的热潮,网络技术正在日益广泛而深入的被应用的社会的各个领域当中,与此同时,网络安全却成为日益严重的问题。从系统设计实现的角度,对基于RBAC的权限管理系统的体系结构、功能模块及实现的关键技术进行了研究与实践。该系统以Spring框架为基础,采用MVC模式,实现用户和权限的分离,具有权限分配直观、扩展性好,支持岗位、权限多变的需求。在访问控制组件的设计中,利用control层的拦截器(interceptor)进行权限和用户身份的验证,实现系统的安全机制。
With the tide of global internet, network technology has already been used in many fields extensively. At the same time ,the network security becomes a more and more serious issue. From the design and implement of the system, the architecture of RBAC - based the authority management system, the function modules and the core technique using in implement have been researched and designed. The system which takes Spring framework as a foundation and uses MVC pattern,implements the separation of users and privileges and has intuitive assignment of privilege and has good extension and supports the changeable demand of posts and privileges. In the access control module design, the interceptor of the control level confirm the privilege and identity, and then implement the system security mechanism
出处
《计算机与数字工程》
2008年第5期100-103,共4页
Computer & Digital Engineering
