资源描述:
《基于某某某的某2f某应用程序权限控制分析与应用》由会员上传分享,免费在线阅读,更多相关内容在学术论文-天天文库。
1、关键词:RBAC;权限控制;SpringSecurity;B/S应用系统;SSHII万方数据ResearchandApplicationofAccessControlinB/SApplicationsbasedonSSHAbstractWiththerapiddevelopmentofdigitizationandinformationtechnology,wehavestriddenforwardtotheinformationagecomprehensively,andinformationtechnologyproductsc
2、anbeseeneverywhereinourproductionandliving.BecauseofprovidingnetworkinformationServiceseasily,B/Sapplicationsarewidelyusedinonlinebanking,networkeducation,cooperativeoffice,andsoon.However,itisnotabsolutelysafeintheprocessoftheseWebapplications,andthesecurityissuesfrom
3、thenetwork、systemsandWebapplicationsthemselvesareemerginginendlessly.EspeciallyforB/Sapplications,thesecurityissuesaremoreprominent.AccessControl,asoneaspectofsecuritycontrol,isindispensableinB/Sapplications,so,robustaccesscontrolfeatureisthegoalwhatwearereadytodoourbe
4、st.BeingspecifictoproblemsofinsufficientaccesscontrolcapabilitiesofURLaddressrequest,methodsintheservicelayer,systempagenavigation,andinconvenientmanagementduetotightcouplingofbusinesslogicandaccesscontrollogic,inthispaper,astudyiscarriedonthis.First,aresearchofaccessc
5、ontroltheoryandtechnologyiscarriedon.Throughanalyzingconceptsandstrategyneedsofaccesscontrol,andcharacteristicsandscopeoftraditionalaccesscontrol,thisstudyfocusesonrole-basedaccesscontrolmodelwhichismoresuitableforB/Sapplicationsandcaneffectivelyreducetherightsmanageme
6、ntcomplexityandimprovemanagementflexibility,andchooseitasthebasicmodelwhenimplementingaccesscontrolframeworkinthispaper.Secondly,basedonRBACaccesscontrolandthedesignideasofSpringSecurityinauthenticationandauthorizationthroughthefilterchain,thispaperimprovesonthis,desig
7、nandimplementaaccesscontrolframeworkforB/SapplicationsbasedonSSHframework.Onrightmanagement,thisframeworkextendstheauthenticationIII万方数据andauthorizationmodulesofSpringSecurity.Bydefininginterfaceimplementationclasses,designingoperationinterfacesofuser-role-resourcemana
8、gement,dynamicallyconstructingresourceaccesscontrollist,usingSpringAOPtechnologyandaccesscontrolmethodofbitoperation,
