摘要
Web应用系统中服务器一方的安全性主要通过用户身份认证和对应用逻辑的访问控制进行保证,但HTTP协议的无状态性,使得这些安全措施的实现变得比较困难。该文提出了一种基于Java的SessionTracking技术实现Web服务器安全的新方法,方法充分发挥了Java语言的技术特性,不但能够有效地解决Web应用服务器的安全问题,而且编程实现简单,此方法在WBMS系统中得到了成功的应用。
Typically,the security of the server is based on authentication and access control services in a web-based application system.However Because the Hypertext Transfer Protocol(HTTP)is stateless,it is not easy to implement this security in practice.This paper presents a new method to implement the server security for web-based application in which the Java'session tracking is adopted.This method takes advantage of the technical characteristics of Java.It can solve the server security problem for web-based application,and it is easy to implement.Also,this method has been successfully running in WBMS.
出处
《计算机工程与应用》
CSCD
北大核心
2001年第19期16-18,91,共4页
Computer Engineering and Applications
基金
国家863高科技研究发展计划项目(编号:863-306-ZD08-01X)
