AN AUTHENTICATION AGENT FOR WEB-BASED SYSTEM
Web information systems are now widely used. These systems generally provide specific service in accordance with users identities. To use these services, users are required to conduct identity authentication separately when logging in different web applications and systems. For the sake of security and access control, it is infeasible to use a unique common identifier and password for all systems. To achieve single sign on, we propose an authentication agent for web-based system which is called AA4WS. AA4WS can be installed in client side as a plug-in. It gets users POST data when first time logging in some web application system, stores the data, interacts with the authentication agent server through web service, and simulates login procedure, therefore eliminating users manual identity authorization and achieving unified identity authorization. AA4WS also achieves security in information storing, conveying, processing, updating and managing, and obtains efficiency as well, without adding additional service response time. AA4WS communicates with authentication agent server via web service by SOAP, making the system have characteristics of excellent generality.
authentication single sign on access control web service plug in
Wei Huang Jinhua Xu
School of Computer Science and Technology, Soochow University, Suzhou, Jiangsu, China
国际会议
北京
英文
596-599
2009-11-06(万方平台首次上网日期,不代表论文的发表时间)