Unified identity authentication subsystem detailed design and partial implementation

xiaoxiao 2021-03-06

Table of Contents

First, abstract

Second, introduction

Third, demand analysis

(1) The functional requirements of the system

(2) The performance requirements of the system

(3) Operation environment requirements

(4) Introduction to the development tool

Fourth, the overall design

(1) System module division

(2) Example of system use

(3) The whole system package

V. Detailed design

(1) Static structure and interrelationships of each class across the system

(2) RoleSystem sequence diagram

(3) SiteSystem sequence diagram

(4) UserSystem sequence diagram

Sixth, summary

Seven, thank you

Eight, reference

Unified identity authentication subsystem detailed design and partial implementation

Zheng Tianming

School of Computer and Information Science, Southwest Normal University, Chongqing 400715, China

Summary: The unified identity authentication subsystem (UIA subsystem) centrally manages users and the network application systems (member sites). Each registered user has a unified network account (username/password) and can access every web application system (member site) on the network with that same username/password; the subsystem provides unified identity authentication and single sign-on services for the applications users use. The paper covers the system's requirements analysis, overall design, and the detailed design of the business appearance (facade) layer and the business logic layer.

Abstract: The Unique Identity Authentication system (UIA) manages users and the campus network application systems (member sites) in a unified way. Each registered network user has a unified network account (username/password) and can visit the network application systems (member sites) on the campus through the same username/password; the system offers unified identity authentication and single sign-on services for the applications users use. The main content of this thesis includes the system's requirements analysis, overall design, and detailed design of BusinessFacade and BusinessRules.

Keywords: user, member site, user role

I. Introduction

For each application system on the Internet, users must register and log in separately, which is troublesome, easily causes confusion, and leaves data resources in disorder. A dedicated system is therefore needed to manage users, so that a user registers and logs in only once and can then use the different application systems. The different application systems should likewise be managed in a logically unified way for the user's convenience. For these reasons it is necessary to develop a unified identity authentication subsystem. Once an application system has registered with the unified identity authentication subsystem, we call it a member site. Unified management of users, on the one hand, spares the user from logging in repeatedly when accessing each member site, which makes the system more convenient to use, and also saves resources for the member sites by avoiding the data redundancy that arises when each member site manages the same users separately. On the other hand, it makes developing new member sites (new application systems) easier.

Unified management of member sites, on the one hand, is convenient for the user: after logging in to the unified identity authentication subsystem, the user can access the member sites directly. On the other hand, a member site only needs to declare the permission types of its different users when it registers with the system; permission control can then be carried out for the various users, with the system handling the assignment of permissions to users.

Under the leadership of team leader Wang Yun, the requirements analysis and overall design (module division) work was completed; I was responsible for writing the code of the business appearance layer and the business logic layer.

Second, demand analysis:

(1) System function requirements

The unified identity authentication subsystem must implement two functions: authenticating users and systems, and controlling permissions between users and member sites. Through the user's identity and the permissions the member site assigns to the user, the user obtains access to a member site; through the system's identity and the user's permission control, the member site can view the user's permissions in the system.

(2) System performance requirements

The unified identity authentication subsystem will manage a massive amount of user and member-site information, so the performance requirements on the subsystem are high. The performance requirements on the network are also very high. The subsystem therefore first needs large-capacity storage, and it also needs high bandwidth so that congestion does not occur when a large number of users access it.

(3) Run environment requirements

.NET platform, SQL Server database, IIS server

(4) Introduction to Development Tools

Microsoft SQL Server is a high-performance client/server relational database management system. It has many important new features, such as transparent distributed processing, simple management, a programming interface based on object linking and embedding (OLE), and integration with the Internet. The most important reasons for choosing Microsoft SQL Server are its scalability and high security. Because Microsoft SQL Server is a parallel database core based on multithreading, it can take advantage of additional processors, whereas in many cases support for symmetric multiprocessing can only be obtained by using a specific parallel database and operating system. It also has very high security, effectively protecting user data.

Third, the overall design

(1) Unified identity authentication subsystem module division

The unified identity authentication subsystem has two major functional modules: the identity authentication module and the permission management module.

The identity authentication module manages user identities and member-site identities. It provides online registration to users, who supply information (such as a username and password) that is the sole evidence of the user's identity; a user who holds it is a legal user of the unified identity authentication subsystem. The identity authentication module also provides online registration to member sites, which must supply some basic information about the member site together with the custom role types it defines (such as ordinary user, advanced user, administrator user).

The permission management module mainly covers: a member site's permission control over users, the user's permission control, and permission control between member sites. When a user applies to a member site for permissions, the user grants the member site permission to see this information; after being authenticated by the unified identity authentication subsystem, the member site can check the user's information and assign permissions to the user, and a user who has obtained permissions can, after authentication by the subsystem, access the member site in the corresponding role. A member site's permission control over other member sites is mainly control over the call interfaces that the member site exposes to other member sites.

The unified identity authentication subsystem also includes a system maintenance module and a help module. The main functions of the system maintenance module are managing member sites and maintaining system data.

The unified identity authentication subsystem also provides an SDK for use in developing member sites. When a user accesses a member site, the subsystem provides a function, callable by the member site, that returns the user's permissions.

(2) An example of system use:

A user logs in once. Through the unified identity authentication subsystem the user can then access all of the member sites the user has in the subsystem, without having to authenticate again after accessing one site. The user can access the member sites for which he has permissions, and the system returns his corresponding permissions to the member site. Authorization is controlled centrally: to authorize a member site, the user specifies the information the site may see when applying to the site for permissions; the member site in turn authorizes the applying user, opening the site to that user, who thereby obtains permissions on the site. The system also provides management functions for member sites, including management of their basic information and of their member users, such as granting users access and disabling users' permissions.

(3) Package diagram of the entire system:

The diagram mainly illustrates the development method used: .NET layered development, which is also the development method recommended by Microsoft. There are three main layers: business logic, business appearance (facade), and database access. The business appearance layer mainly defines basic operations and can call the business logic layer, the database access layer and the Model layer. The business logic layer mainly defines the rules for operations and can call the database access layer and the Model layer. The database access layer mainly performs the concrete database operations and can call the Model layer. The system's main functions are implemented through these layer-by-layer calls. The WebService layer can call the business logic layer, the database access layer and the Model layer. The WebUI layer is what is presented to the user and reflects the actual functions of the system; it can access the business appearance layer and the Model layer. The main function of the Model layer is to carry data between the layers, and it can be called by the other layers. This development method mainly benefits system maintenance and future extension: if a problem occurs in one layer, or a layer's function needs updating, only that layer has to be changed and the other layers need no modification, so problems can be localized and are easy to solve.

Fourth, detailed design

(1) Static structure and interrelational diagrams of each class in the system:

This figure describes the classes contained in the system and their member functions, and also indicates the call relationships between the classes. Taking the business appearance layer as an example:

This layer has three classes: UserSystem, SiteSystem and RoleSystem. UserSystem includes the following functions:

CreateSite(), create a site

EnableSite(), enable a site

DisableSite(), deactivate a site

UpdateSite(), change a site

RemoveSite(), delete a site

GetSite(), query a site

ListAllSites(), query all sites

This class calls member functions of the class UserRoles in the business logic layer and of the class Users in the database access layer to implement the system's functionality. The remaining classes are similar and are shown in the figure, so they are not described in detail here.

(2) RoleSystem sequence diagram:

The figure describes how the system manages roles; it involves the business appearance layer and the business logic layer, which are called layer by layer. Removing a role is taken as the example:

This feature is implemented by the member function RemoveRole() of the class RoleSystem. Because a role is being removed, the function is implemented by calling the member function RemoveRole() of the class Users in the business logic layer. Since the function's parameters are nickname and usid, it calls member functions provided by the database access layer, which return the two Model-layer data entities UserData and SiteData, from which the two parameters UserID and SiteID are obtained. If either entity is empty, the function returns false; otherwise it calls GetUserRole() of the database access layer with the UserID and SiteID parameters, which returns the Model-layer data entity UserRoleData. If this entity is empty, it returns false; otherwise it returns true. This feature involves a complex call chain: the business appearance layer calls the business logic layer, and the business logic layer in turn calls the business logic layer and the database access layer. The code is as follows:

    // Business appearance layer code
    public bool RemoveRole(string nickname, System.Guid usid)
    {
        return new BusinessRules.UserRoleRules().RemoveRole(nickname, usid);
    }

    // Code of business rules
    public bool RemoveRole(string nickname, System.Guid usid)
    {
        // Resolve the user and the member site through the database access layer.
        UserData user = new DataAccess.Users().GetUser(nickname);
        SiteData site = new DataAccess.Sites().GetSite(usid);
        if (user != null && site != null)
        {
            UserRoleData userRole = new DataAccess.UserRoles().GetUserRole(user.UserID, site.SiteID);
            // No role assignment for this user on this site: nothing to remove.
            if (userRole == null)
                return false;
            // Success means exactly one row was deleted.
            if (new DataAccess.UserRoles().RemoveUserRole(userRole) == 1)
                return true;
            else
                return false;
        }
        else
            return false;
    }

(3) SiteSystem sequence diagram:

The figure describes how the system manages member sites; it involves the business appearance layer and the business logic layer, which are called layer by layer. Removing a member site is taken as the example:

The function RemoveSite() is implemented in the business appearance layer. Since deleting a member site is not subject to any rule restrictions and simply deletes the member site's information from the database, there is no need to call the business logic layer. The member function RemoveSite() of the class Sites in the database access layer is invoked directly to implement the function; it is very simple, consisting of a single call. The code is as follows:

    // Business appearance layer code
    public bool RemoveSite(System.Guid usid)
    {
        // Success means exactly one row was deleted.
        int ret = new DataAccess.Sites().RemoveSite(usid);
        if (ret == 1)
            return true;
        else
            return false;
    }

(4) UserSystem sequence diagram

The figure describes how the system manages users; it involves the business appearance layer and the business logic layer, which are called layer by layer. Retrieving a user's password is taken as the example:

FindPassword() is implemented in the business appearance layer by the class UserSystem. Since the password can be retrieved only if the user supplies the correct password prompt question and answer, FindPassword() enforces this rule by calling UserRules in the business logic layer. The function's parameters are nickname, question and answer; it retrieves two data items by calling the database access layer, and if the question and answer supplied are correct it returns the user's password, otherwise it returns null. This function is relatively simple: the business appearance layer calls the business logic layer, and the business logic layer then calls the database access layer. The code is as follows:

    // Business appearance layer code
    public string FindPassword(string nickname, string question, string answer)
    {
        return new BusinessRules.UserRules().FindPassword(nickname, question, answer);
    }

    // Business logic layer code
    public string FindPassword(string nickname, string question, string answer)
    {
        // Look up the user, then compare the stored prompt question and answer.
        UserData old = new DataAccess.Users().GetUser(nickname);
        if (old != null && old.Question == question && old.Answer == answer)
            return old.Password;
        else
            return null;
    }
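FindPassword() can return old.Password only because the password is kept in recoverable form, and anyone who knows the prompt answer receives it. As an added example (not part of the thesis code), the C# below keeps the same question-and-answer check but stores only a salted PBKDF2 hash of the answer and issues a short-lived, single-use reset token instead of the password. RecoveryService and every member name are hypothetical, the sample data is constructed, and .NET 6 or later is assumed.

```csharp
#nullable enable
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
// Added illustration: RecoveryService and all member names are hypothetical.
public sealed class RecoveryService
{
    private sealed record User(string Question, byte[] Salt, byte[] AnswerHash);

    private const int Iterations = 600_000;
    private static readonly TimeSpan TokenLifetime = TimeSpan.FromMinutes(15);
    private readonly Dictionary<string, User> users = new();   // stands in for the user table
    private readonly Dictionary<string, (string Nickname, DateTime Expires)> tokens = new();

    // Only a salted, slow hash of the normalized answer is ever stored.
    private static byte[] Derive(string answer, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(Encoding.UTF8.GetBytes(answer.Trim().ToLowerInvariant()),
                                  salt, Iterations, HashAlgorithmName.SHA256, 32);

    private static string Digest(string token) =>
        Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(token)));

    public void Register(string nickname, string question, string answer)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16);
        users[nickname] = new User(question, salt, Derive(answer, salt));
    }

    // Returns a single-use reset token on success and null otherwise; never a password.
    public string? BeginReset(string nickname, string question, string answer)
    {
        users.TryGetValue(nickname, out User? user);
        // Unknown nicknames still cost one PBKDF2 run, so timing does not reveal who exists.
        byte[] derived = Derive(answer, user?.Salt ?? new byte[16]);
        bool answerOk = CryptographicOperations.FixedTimeEquals(derived, user?.AnswerHash ?? new byte[32]);
        if (user is null || !answerOk || user.Question != question) return null;
        string token = Convert.ToHexString(RandomNumberGenerator.GetBytes(32));
        tokens[Digest(token)] = (nickname, DateTime.UtcNow + TokenLifetime);   // keep only the digest
        return token;
    }

    // Redeems a token once and returns the nickname whose password may now be replaced.
    public string? RedeemToken(string token)
    {
        if (!tokens.Remove(Digest(token), out var entry)) return null;
        return entry.Expires > DateTime.UtcNow ? entry.Nickname : null;
    }

    public static void Main()
    {
        var svc = new RecoveryService();
        svc.Register("alice", "First pet?", "Rex");                                  // constructed sample data
        Console.WriteLine(svc.BeginReset("alice", "First pet?", "wrong") is null);  // wrong answer
        string token = svc.BeginReset("alice", "First pet?", " rex ")!;             // normalized answer
        Console.WriteLine(svc.RedeemToken(token));                                   // first redemption
        Console.WriteLine(svc.RedeemToken(token) is null);                           // second redemption of the same token
    }
}
```

After RedeemToken() succeeds, the caller hashes and stores the new password. Prompt answers are low-entropy, so BeginReset() still needs a per-nickname rate limit in front of it.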

V. Summary:

In this graduation project, our team fully displayed the spirit of collaboration and worked together to complete the task under the guidance of our supervising teachers and the leadership of team leader Wang Yun. Through completing this graduation project I also learned a great deal. First, I gained a preliminary understanding of development on Microsoft's .NET Framework, some experience with the C# programming language, and some understanding of a current advanced technology (WebService). Second, whereas before I had only written pieces of code, I have now attempted to develop a complete piece of software, and I learned that software development cannot stop at writing code: engineering development methods matter more, and attention must be paid to the preliminary work of software development, such as feasibility analysis, requirements analysis and overall design, which is very important. Finally, I came to appreciate deeply the major role of teamwork in software development. After all, with our current abilities none of us could complete such a piece of work alone. Whenever we met a tricky problem during the work, our team came together to discuss how to solve it, and we always kept to the development schedule; no member's unfinished work delayed the progress of the whole development. With the development of the modern Internet, more and more users and websites appear on the Internet, and how to manage their information is an important problem now being faced; the unified identity authentication subsystem was developed to solve this problem. The system has a simple interface, fairly complete functionality and good scalability. In implementing the system we strictly followed the development method recommended by Microsoft, .NET layered development, which facilitates future maintenance and extension. However, since the system is currently only a prototype, it still needs to be refined and improved.

Six, thank you

This graduation project could not have been completed successfully without the guidance and help of our supervising teacher Zou Xiangchun. Teachers Lu Xinhong, Chen Wu, Smell and Li Yun Gang also gave great help in this process, and I express my sincere gratitude for their help. All the members of the team also supported me, and I thank them from the heart!

