摘要
针对网站内容管理系统中面临的安全性管理要求,以一个公司实际项目需求为背景,提出了一种将直接授权与RBAC授权相结合的分步式权限控制方法并详细阐述了具体实现过程,着重介绍了权限管理的框架、数据库设计和用户界面的动态生成。系统运行结果表明使用这种控制方法,不同身份的用户登录验证后具有不同的交互界面,提高了系统的易用性、交互性和健壮性,丰富了业务逻辑控制细粒度。
On the basis of the security requirement of a website content management system, presents and realizes a new step by step authorization control combining direct authorization model with RBAC authorization model, introduces the realization process of the permission management in details. Mainly discusses the permission management framework and database design and the problems of how to generate user interface dynamically. This method can make different users have different interfaces. Practices show that this method can enhance the accessibility, interactivity and robustness of the system, can enrich service logic control fine grit.
出处
《电脑开发与应用》
2009年第6期16-17,20,共3页
Computer Development & Applications
