基于Struts+Hibernate的权限管理系统的设计与实现
|
摘要
目前,越来越多的企业都通过Internet建立起基于Web的企业信息管理系统,从而理顺工作流程,加强与客户的联系,提高运营效率,增强企业的竞争力;与此同时,企业也对信息管理系统的安全性提出了很高的要求。本文以这类问题作为研究重点,具体实现了一个适合企业权限管理的系统。
在本文中,作者首先分析了基于Web的企业信息管理系统存在的安全管理方面的困难,比如:1企业结构复杂,人员众多,岗位升降、任务变动、流动性大等特点,使得权限管理工作繁琐混乱;2由于互联网上存在各种不安全因素,用户也复杂多样,使得系统面临着来自内、外两方面的安全威胁,在考虑应用级系统安全性时,还需特别处理通过直接输入网页地址来访问系统中资源的情况。
作者通过在系统中引入权限管理子系统这一模块,对用户的授权与认证过程进行统一协调管理,很好地解决了以上问题。经过分析比较目前已有的访问控制方法,比如:自主访问控制(DAC)、强制访问控制(MAC)等,最终借鉴更适合企业信息系统的访问控制方法一基于角色的访问控制(RBAC),结合中国普天的实际需求,提出了企业访问控制模型,以此作为普天权限管理系统实现的基础,从而使得权限维护管理具备了方便、灵活的特点。另外,作者在系统实现时,采用了当前流行的Web开发技术:Struts+Hibernate,使表示逻辑层和业务逻辑层相分离,系统更趋模块化,更容易维护,提高了系统移植性和扩展性。
在文章的第五章中,通过UML类图,数据库图,各实现原理图,以及核心代码展示,详细描述了权限管理系统的实现过程。实践证明,该权限管理子系统在《普天项目信息管理系统》中取得了满意的效果。
At present, more and more enterprises are founding up their own enterprise_ information management system based on Web, through Internet, in order to streamline workflow processes, strengthen customer relationships, improve operational efficiency and enhance the core-competitiveness of enterprises; At the same time, enterprises desires for the very high safety of information management system. This article focuses on these issues, and concretely describes the realization of a system for enterprise rights management.
In this paper, author firstly analyzes existing security-problems of the right-management of the current enterprise information management systems: One Because of enterprise complex structures, many staff, status movements, job changes, and the frequent variability, the work of the rights management is tedious and chaos. Two because there exist all sorts of factors leading to the insecurity on the Internet and the complex diversity of users, enterprise information management system is made facing threats to the security from both internal and external. For the application-level security, the designer must specially deal with the inappropriately accessing the system resources by the way of directly inputting the Web site address in Address Bar.
By the way of the introduction of this right management subsystem module into the system, the author coordinates the management of user authentication and authorization process, which is a good solution to the above problems. After analysis and comparison of existing access control methods, considering the project needs of China Potevio, the author refer to RBAC model and design Enterprise_RBAC model, which is used as the foundation of Potevio rights management subsystem and makes maintenance and management of the right convenient and flexible. In addition, author uses popular Web technology: Struts and Hibernate, which makes system more modular and easier to maintain and improves the portability and scalability.
In the fifth chapter of the article, by UML class diagram, database map, the function realization schematics, as well as main code, the author described in detail the entire process of finishing the right management system. Practice has proved that the right-subsystem has attained very satisfactory effects in Potevio Project Information management System.
在本文中,作者首先分析了基于Web的企业信息管理系统存在的安全管理方面的困难,比如:1企业结构复杂,人员众多,岗位升降、任务变动、流动性大等特点,使得权限管理工作繁琐混乱;2由于互联网上存在各种不安全因素,用户也复杂多样,使得系统面临着来自内、外两方面的安全威胁,在考虑应用级系统安全性时,还需特别处理通过直接输入网页地址来访问系统中资源的情况。
作者通过在系统中引入权限管理子系统这一模块,对用户的授权与认证过程进行统一协调管理,很好地解决了以上问题。经过分析比较目前已有的访问控制方法,比如:自主访问控制(DAC)、强制访问控制(MAC)等,最终借鉴更适合企业信息系统的访问控制方法一基于角色的访问控制(RBAC),结合中国普天的实际需求,提出了企业访问控制模型,以此作为普天权限管理系统实现的基础,从而使得权限维护管理具备了方便、灵活的特点。另外,作者在系统实现时,采用了当前流行的Web开发技术:Struts+Hibernate,使表示逻辑层和业务逻辑层相分离,系统更趋模块化,更容易维护,提高了系统移植性和扩展性。
在文章的第五章中,通过UML类图,数据库图,各实现原理图,以及核心代码展示,详细描述了权限管理系统的实现过程。实践证明,该权限管理子系统在《普天项目信息管理系统》中取得了满意的效果。
At present, more and more enterprises are founding up their own enterprise_ information management system based on Web, through Internet, in order to streamline workflow processes, strengthen customer relationships, improve operational efficiency and enhance the core-competitiveness of enterprises; At the same time, enterprises desires for the very high safety of information management system. This article focuses on these issues, and concretely describes the realization of a system for enterprise rights management.
In this paper, author firstly analyzes existing security-problems of the right-management of the current enterprise information management systems: One Because of enterprise complex structures, many staff, status movements, job changes, and the frequent variability, the work of the rights management is tedious and chaos. Two because there exist all sorts of factors leading to the insecurity on the Internet and the complex diversity of users, enterprise information management system is made facing threats to the security from both internal and external. For the application-level security, the designer must specially deal with the inappropriately accessing the system resources by the way of directly inputting the Web site address in Address Bar.
By the way of the introduction of this right management subsystem module into the system, the author coordinates the management of user authentication and authorization process, which is a good solution to the above problems. After analysis and comparison of existing access control methods, considering the project needs of China Potevio, the author refer to RBAC model and design Enterprise_RBAC model, which is used as the foundation of Potevio rights management subsystem and makes maintenance and management of the right convenient and flexible. In addition, author uses popular Web technology: Struts and Hibernate, which makes system more modular and easier to maintain and improves the portability and scalability.
In the fifth chapter of the article, by UML class diagram, database map, the function realization schematics, as well as main code, the author described in detail the entire process of finishing the right management system. Practice has proved that the right-subsystem has attained very satisfactory effects in Potevio Project Information management System.
引文
[1]薛华成 管理信息系统(第四版)清华大学出版社2006.10
[2]沈志伟 Struts框架及其应用研究 计算机与数字工程2007.8
[3]孙卫琴 精通StrutS:基于MVC的Javaweb设计与开发 电子工业出版社2004.8
[4]梁立新 基于Struts-Spring-Hibernate的java应用开发 电子工业出版社2006.8
[5]勇浩晨 浅谈Struts在web应用中对MVC的实现 计算机应用2007.6
[6]陈圣俭 用Struts创建安全的Web应用2007年研究综述与技术论坛专刊2007.6
[7]朱庆伟一种对象_关系映射框架的分析和应用 微型电脑应用2007.6
[8]陕正杰 基于Struts框架的Hibernate应用研 究应用安全2006
[9]邓牧Java对象持久化技术与Hibernate计算机与现代化2007.8
[10]吴吉义 基于Struts_Hibernate_Spring的电子政务应用系统架构2005.12
[11]陈天河Hibernate项目开发宝典 电子工业出版社2006.6
[12]施良辉 基于角色的访问控制框架设计与其应用 电脑应用技术2007年70期
[13]林磊 管理信息系统中基于角色的权限控制 计算机应用研究2005.6
[14]杨茂春 RBAC模型在信息处理系统中的研究与应用 微处理机2006.8
[15]周文峰 基于RBAC模型的权限管理系统设计与实现 管控一体化2006.5
[16]王兴伟 Web信息系统中基于RBAC模型的访问控制模块设计与实现2006.10
[17]张苏 基于RBAC4WS的Web应用集成技术 中文核心期刊2006.10
[18]邵明刚 基于Struts框架的信息系统中RBAC的设计 甘肃科技2007.2
[2]沈志伟 Struts框架及其应用研究 计算机与数字工程2007.8
[3]孙卫琴 精通StrutS:基于MVC的Javaweb设计与开发 电子工业出版社2004.8
[4]梁立新 基于Struts-Spring-Hibernate的java应用开发 电子工业出版社2006.8
[5]勇浩晨 浅谈Struts在web应用中对MVC的实现 计算机应用2007.6
[6]陈圣俭 用Struts创建安全的Web应用2007年研究综述与技术论坛专刊2007.6
[7]朱庆伟一种对象_关系映射框架的分析和应用 微型电脑应用2007.6
[8]陕正杰 基于Struts框架的Hibernate应用研 究应用安全2006
[9]邓牧Java对象持久化技术与Hibernate计算机与现代化2007.8
[10]吴吉义 基于Struts_Hibernate_Spring的电子政务应用系统架构2005.12
[11]陈天河Hibernate项目开发宝典 电子工业出版社2006.6
[12]施良辉 基于角色的访问控制框架设计与其应用 电脑应用技术2007年70期
[13]林磊 管理信息系统中基于角色的权限控制 计算机应用研究2005.6
[14]杨茂春 RBAC模型在信息处理系统中的研究与应用 微处理机2006.8
[15]周文峰 基于RBAC模型的权限管理系统设计与实现 管控一体化2006.5
[16]王兴伟 Web信息系统中基于RBAC模型的访问控制模块设计与实现2006.10
[17]张苏 基于RBAC4WS的Web应用集成技术 中文核心期刊2006.10
[18]邵明刚 基于Struts框架的信息系统中RBAC的设计 甘肃科技2007.2