Design of unified authentication and authorization system based on CAS and OAuth

0 Preface

There are more and more application systems in banks. Each system manages its own users independently, which is easy to form an information island. The decentralized user management model hinders the evolution of bank applications to platform. When the bank’s business develops to a certain scale, it will be essential to build a unified account management system, because it is an important infrastructure for the bank’s future Internet cloud platform, which can bring unified account management, identity authentication and user authorization to the platform. , bringing basic capabilities such as cross-system single sign-on and third-party authorization to banks, providing necessary conditions for building an open platform and business ecosystem.

Common account management products include: CA’s SiteMinder, which is expensive; IBM’s Tivoli Access Manager, which needs to be purchased and is closely integrated with other IBM products; Atlassian’s Crowd, which needs to be purchased and is integrated with its own Jira, Confluence The combination is relatively close; Oracle’s OpenAM, which is the first open source authentication and authorization product, has good support for Oracle’s products; the open source project CAS (Central Authentication Service) initiated by Yale University is simple, effective, safe, and supports a variety of Client, supports Single Sign On (Single Sign On, SSO), Open Authorization (Open Authorization, OAuth), etc.

Please download the details of this article:

author information:

Li Qiang

(CLP Jinxin Software Co., Ltd., Hangzhou 310000, Zhejiang)

The Links:   6DI100A-060 FB180SA10