摘要
针对单点登录技术实施过程中,采用HTTP身份鉴别协议的已有Web应用系统不能修改、改变的技术难题,提出了一种无须修改Web应用程序和Web服务器的身份鉴别方式即可实现单点登录的单点登录透明集成技术。该技术通过插入到Web服务器的HTTP请求、响应处理通道中的一个插件,自动处理与Web服务器交互的HTTP身份鉴别协议数据,从而在对Web服务器不作改变、对Web应用程序不作修改的情况下,实现单点登录功能。实际应用和测试结果表明,该方案实现了预定的功能,达到了预期的效果。所提方案对单点登录的应用实施非常有帮助。
To address the problem that existing legacy Web application systems using HTrP authentication protocols cannot be modified in implementing SSO technology, this paper proposed a transparent SSO integration technology which required no modifications to the existing legacy systems. The proposed technology employed a plug-in module which inserted into the HTI'P request and response processing pipelines of a Web server. The plug-in automatically processed the reciprocal exchanges of au- thentication data with the Web server employing a HT'FP authentication protocol. As a result, it achieved SSO without the chan- ges or modifications to the Web server and application. Practical applications and tests demonstrate that the proposed technolo- gy has achieved the predined functionality and the expected effects. The technology is highly helpful to the implementations of SSO.
出处
《计算机应用研究》
CSCD
北大核心
2013年第9期2813-2818,共6页
Application Research of Computers
