| Java安全体系在Web程序中的研究和应用* |
| |
| 引用本文: | 罗锐,程文青.Java安全体系在Web程序中的研究和应用*[J].计算机应用研究,2006,23(7):114-115. |
| |
| 作者姓名: | 罗锐 程文青 |
| |
| 作者单位: | 华中科技大学,电子与信息工程系,湖北,武汉,430074 |
| |
| 摘 要: | 提出了一种基于Java的Web程序安全解决方案。该方案采用JAAS(Java Authentication Authorization Service)实现可插入式登录模块,采用X509数字证书作为用户身份认证,通过配置Web服务器,并利用服务器证书和客户端证书实现服务器与客户端之间的SSL双向认证;待认证成功后,再利用服务器和客户端协商好的对称密钥来建立HTTPS连接,以实现数据的安全传送。该方案为基于Java的Web程序提供了一个安全接口,可以方便地移植。
|
| 关 键 词: | 数字证书 |
| 文章编号: | 1001-3695(2006)07-0114-02 |
| 收稿时间: | 2005-06-11 |
| 修稿时间: | 2005-06-112005-08-19 |
Research and Application of Java Security System in Web Program |
| |
| LUO Rui,CHENG Wen qing.Research and Application of Java Security System in Web Program[J].Application Research of Computers,2006,23(7):114-115. |
| |
| Authors: | LUO Rui CHENG Wen qing |
| |
| Affiliation: | (Dept. of Electronics & Information, Huazhong University of Science & Technology, Wuhan Hubei 430074, China) |
| |
| Abstract: | Propose a security solving-scheme for Web program based on Java.The scheme realizes pluggable Authentication module by JAAS(Java Authentication Authorization Service),and take X509 digital certificate as user's identity authentication.Through configuring the Web server,and using the server certificate and client certificate,it actualizes the SSL bidirectional authentication between server and client.After the successful authentication,the HTTPS connection successfully established by negotiated symmetrical key between server and client can make the secure transmission of data.The scheme provides a secure interface for Web program which based on Java,and it can be transplant conveniently. |
| |
| Keywords: | JAAS SSL HTTPS |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
