摘要
随着应用服务提供商(ASP)商业模式在国内的发展,为满足陶瓷行业ASP平台集成多种异构应用系统的实际需求,该文提出了一种采用统一安全认证技术进行轻量级应用集成的解决方案。方案中采用目录服务数据库统一存储用户身份和权限信息,使用会话令牌保证用户身份的持久有效性,通过策略代理保护应用服务资源的安全,并对用户的访问进行统一授权和控制。为实现用户在平台和应用系统之间的单点登录,提出了结合令牌和代理进行身份信息传递与验证的实现方案,尤其是解决了跨域单点登录(SSO)的难题。
With the development of the business (ASP) commerce pattern , this paper provides how to integrate various ceramics ,lightweight industry ASP platform. ,discusses catalogue service data base, authority in the scheme information, protecting application serving resource Single Sign-On between platform and application system ,gives solution on logging on, especially acting for information delivery and the realization verifying carrying out dignity having resolved cross-domain.
出处
《计算机安全》
2008年第12期89-91,共3页
Network & Computer Security
