Working method of permission authentication system based on CAS

A working method and authority authentication technology, applied in the field of CAS-based authority authentication system, which can solve the problem that CAS service does not perform user authority authentication.

Inactive Publication Date: 2020-09-01
朱海燕
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In view of the above technical problems, the present invention provides a CAS-based authority control method, device and system, which can solve the technical problem that user authority authentication cannot be performed in existing CAS services, resulting in the inability to control user access by controlling user authority

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Working method of permission authentication system based on CAS
  • Working method of permission authentication system based on CAS
  • Working method of permission authentication system based on CAS

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0057] image 3 A schematic diagram of the authority authentication system architecture provided by Embodiment 1 of the present invention; image 3 Shown:

[0058] The CAS client is deployed together with multiple web application systems, and the protected resources of multiple web application systems are protected in the form of Filter. The user can access the corresponding web application system through the web browser of the CAS client. When the user logs in for the first time, the CAS server generates a credential ticket, which is stored in the server session and the client cookie respectively. , the client will automatically bring the ticket data to the server for verification, and if the verification is successful, it will log in automatically. As for whether the ticket will be forged and cause security problems, the CAS framework has already dealt with it, because the docking system needs to use the https security protocol for access, so there is no need to worry abou...

Embodiment 2

[0063] Such as Figure 4 As shown, an authority authentication method provided by an embodiment of the present invention includes:

[0064] Step 401, the CAS client receives the access request sent by the user through the web browser;

[0065] The access request may be a request to access a certain web application system, such as directly inputting a certain web application system address in the address of the web browser, or it may be a request to access the application system corresponding to the CAS client.

[0066] Step 402, the CAS client directly goes to the CAS server to perform user login authentication, and the CAS server judges whether the user has logged in; if the user is logging in for the first time, then execute as follows figure 1 Steps 1-5 in the single sign-on process shown in the prior art are then executed in step 403, and if the user is already logged in, step 403 is directly executed;

[0067] Step 403, when the user is in the logged-in state, the CAS s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a working method of a permission authentication system based on a CAS, and the permission authentication method comprises the following steps: a CAS server performs user login authentication according to an access request sent by a CAS client, wherein the access request comprises a user name and a password; when the user is in the logged-in state, the CAS server carries outuser authority authentication. By using the method provided by the invention, the problem of single sign-on is solved by using the CAS service, meanwhile, the user permission authentication is solved,and the process is simple; furthermore, the user can log in all authorized systems as long as remembering one application system domain name, and system management and user operation are facilitated.

Description

technical field [0001] The invention relates to a Central Authentication Service CAS technology, in particular to a working method of a CAS-based authority authentication system. Background technique [0002] With the development of Internet services, there are more and more web application systems. In addition to supporting the single sign-on function, user authority control is also required. Single sign-on (Single Sign-ON, referred to as SSO) is a unified authentication and authorization mechanism, which means that the same user who accesses the protected resources in different application systems of the same server only needs to log in once to pass the security authentication in one application system After that, when accessing protected resources in other application systems, it is no longer necessary to re-login for verification, that is, users only need to log in once to access all mutually trusted application systems without having to log in repeatedly. At present, t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/0815H04L63/083H04L63/10H04L67/02
Inventor 不公告发明人
Owner 朱海燕
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap