LAN single sign-on method based on network controller

Abstract

The invention relates to a single sign-on method for a local area network based on a network controller. The method comprises the following steps that the network controller provided with a CAS (Central Authentication Service) server is installed in the local area network, and the network controller is connected to a forwarding surface through an OpenFlow protocol; a login function of each information subsystem is closed and preset network protocol modules are installed on clients; an access interface of each information subsystem is correspondingly configured on the CAS server, and the access interface copies original access control logic in each information subsystem; when the client sends an access request, a Ticket is taken as IP (Internet Protocol) head information to be added in an IP packet of request data; and the forwarding surface forwards the IP packet to the corresponding access interface on the CAS server and identity authentication is carried out by the access interface. The method carries out unified integration on all existing subsystems, and single sign-on that a user only needs to log in once to access the corresponding subsystems in the local area network according to user permission can be realized.

Description

technical field [0001] The invention relates to a single-sign-on method for a local area network based on a network controller, belonging to the technical field of network control. Background technique [0002] Large-scale enterprises (such as Nanjing Power Supply Company, etc.) often already have multiple information subsystems within the enterprise, which are used to handle different businesses. In order to fully integrate the existing multiple information systems and realize the unified management of enterprise data resources and other information, it is first necessary to unify the login user names and passwords of the existing information systems, that is, to realize the global unified single management of the existing multiple information systems. Click to log in (that is, Single Sign-On, referred to as SSO). Single sign-on is one of the problems that all kinds of organizations, including enterprises, must solve when integrating their business. Single sign-on enables...

AI Technical Summary

Problems solved by technology

[0006] 2) Each subsystem must be modified, or it already includes a CAS client, or it is initially built with a CAS client

However, usually the sources of information systems within an enterprise vary. Some systems do not have source codes, and some systems have source codes but are not easy to modify. Moreover, the software platforms and languages ​​used by each system may be different.

To implement a globally unified single sign-on system on such a heterogeneous system, the development cost is high and the implementation is difficult, and the technical feasibility is not high

Images