Implementation Based on User Security Strategy in BS (1)

zhaozj2021-02-08  205

When using ASP, JavaScript and Oracle development a set of tax system's background management software, we successfully realize security policies based on user groups and users, and have achieved better results in flexibility and security. We will introduce users' security policies in B / S in B / S to everyone in four aspects of storage structure, menu management, permission assignment, and security check.

1 Storage Structure Storage Structure For this system, the structure of the database table is mainly composed of the following tables:

A. Menu table (CDB)

Field name

Field description

Types of

Note

CDBH

Menu number

Number (3)

Non-empty main key

FCDBH

Parent menu

Number (3)

CDMC

Menu name

VARCHAR2 (40)

Qxws

Permission bit

Number (2)

Rklj

Inlet path

Varchar2 (50)

XGWJ

Related documents

VARCHAR (200)

Sfqy

Whether to enable

Char (1)

DEFAULT 1

B. User Group (YHZB)

Field name

Field description

Types of

Note

SSDW

Belong to the unit

Char (4)

Non-empty main key

Yhzbh

User group number

Char (4)

Non-empty main key

Yhzmc

name

VARCHAR2 (40)

Yhzqx

Authority

Char (100)

Yhgs

User number

Number (3)

DEFAULT 0

Sfqy

Whether to enable

Char (1)

DEFAULT 1

C. User table (YHB)

Field name

Field description

Types of

Note

SSDW

Belong to the unit

Char (4)

Non-empty main key

Yhbh

user ID

Char (4)

Non-empty main key

Ssyhz

user group

Char (4)

DLM

Login name

VARCHAR2 (25)

DLMM

login password

VARCHAR2 (40)

YHXM

username

VARCHAR (20)

YHQX

User rights

Char (100)

Sfqy

Whether to enable

Char (1)

DEFAULT 1

The storage of permissions is "bit" mode. According to the system scale, we estimate that the system's menu items will not exceed 100, and 100-bit storage is defined as authority. Such as the user permission field in the user table, if the user does not have this permission in the first bit, the first bit is "0", that is, if the user has this permission in the first bit, the first bit is "1" ".

Menu tables are used to store all menu items in the system. By the provided editing method, you can add modifications to the menu items in the menu table to make the foundation for flexibility. According to the corresponding relationship between the menu number and the parent menu number, according to the recursive principle, it is easy to implement the multi-level menu, the parent menu number of the top menu is 0. The permission bit is a key field in the menu table, which indicates that the menu is located in the permissions, and if the menu number is 10 menu items, the permissions of the user 10 bits are "1", indicating the power of the menu item using the menu number 10, but there is no.

The user group list is used to store all user groups in the system, and they can be flexibly edited by the provided editing methods. The key field is a string of the user group permission to store the permissions of the user group.

The user table can be edited by the user's table to store all users in the system. The key field is a string of 100 digits, and stores the user's permissions. This permissions are inherited from the user group to which the user belongs is created, and the user's permissions can be modified separately when establishing a user.

Other fields will be mentioned in later introductions that don't make a detailed description there.

转载请注明原文地址:https://www.9cbs.com/read-2824.html

New Post(0)