"面向Java Web应用程序的OpenID认证协议解析及实践"
版权申诉
156 浏览量
更新于2024-02-28
收藏 143KB DOC 举报
OpenID is a decentralized authentication protocol that simplifies user access to resources in Java™ Web applications. This protocol, which is explained in detail in the document "OpenID for Java Web applications," offers a secure and efficient means of user authentication. In this first part of the article, readers are introduced to the OpenID Authentication Specification and are guided through the process of integrating it into a sample Java application. This article emphasizes the importance of implementing OpenID authentication in Java Web applications and highlights its benefits, such as enhanced security and user experience. By following the steps outlined in the article, developers can successfully incorporate OpenID authentication into their Java Web applications, ensuring a seamless and reliable user authentication process.
****专科毕业设计(专业外文翻译)
According to OpenId.net, Google, Wordpress, and other popular sites support OpenID.
If you've signed up for any of these sites you may already have an OpenID.
For instance, if you have a Yahoo! Account, you probably also have an OpenID (I did,
and didn't even know it). You just use your Yahoo! ID when you sign in, and Yahoo is your
OpenID Provider. You provide your Yahoo-based OpenID as whatever@yahoo.com and
the RP will ask Yahoo to authenticate you (you can actually see this in action if you run the
sample application that accompanies this article).
About the sample application
As I said at the beginning of this article, I've written a Java Web application that uses
openid4java to create a simple OpenID Relying Party (RP). It is a simple application that
you can build (as a WAR), drop into Tomcat, and run from your local machine. The sample
application has a very tight focus:
The user enters her OpenID on a registration page.
The application verifies the Identifier (by directing the user to her OP to sign in).
Upon successful authentication, the application retrieves the user's profile information
from the OP, and directs the user to a Save page where she can review and save her profile
information.
The information displayed on the Save page is pulled from the information available
from the OP.
I wrote the application with Wicket because, well, I really like Wicket. But I've tried to
minimize Wicket's "footprint" so that it doesn't distract you from learning how to write an
OpenID Relying Party.
The architecture of the sample application is divided into two areas of responsibility:
User interface written in Wicket
OpenID authentication — using the openid4java library
Of course the two areas intersect, but again, I have tried to keep overlap to a minimum
to make it easier to follow the OpenID instructions, rather than getting distracted by the
details of Wicket.
About openid4java and the sample application code
The OpenID Authentication spec is complicated. If you implement specifications all
the time, you'll probably be very comfortable writing your own implementation. As for me,
I'm lazy. I don't want to do any more work than I have to in order to solve the problem at
hand, which is where the openid4java library comes into play. openid4java is an
implementation of the OpenID Authentication specification that makes it much easier to use
OpenID programmatically.
The code listings that follow show the openid4java API calls an RP makes to use
OpenID. One thing you may notice is how little code the sample application actually needs
to make this happen. openid4java really does make your life easier.
To reduce the Wicket footprint in the sample application, I've isolated the code that
calls openid4java into its own Java class called RegistrationService (located in
com.makotogroup.sample.model). This class contains five methods that correspond to the
usage of the openid4java API:
4
剩余21页未读,继续阅读
2023-07-02 上传
点击了解资源详情
点击了解资源详情
点击了解资源详情
2019-07-15 上传
2021-04-28 上传
2022-07-09 上传
omyligaga
- 粉丝: 88
- 资源: 2万+
我的内容管理
展开
最新资源
- Angular实现MarcHayek简历展示应用教程
- Crossbow Spot最新更新 - 获取Chrome扩展新闻
- 量子管道网络优化与Python实现
- Debian系统中APT缓存维护工具的使用方法与实践
- Python模块AccessControl的Windows64位安装文件介绍
- 掌握最新*** Fisher资讯,使用Google Chrome扩展
- Ember应用程序开发流程与环境配置指南
- EZPCOpenSDK_v5.1.2_build***版本更新详情
- Postcode-Finder:利用JavaScript和Google Geocode API实现
- AWS商业交易监控器:航线行为分析与营销策略制定
- AccessControl-4.0b6压缩包详细使用教程
- Python编程实践与技巧汇总
- 使用Sikuli和Python打造颜色求解器项目
- .Net基础视频教程:掌握GDI绘图技术
- 深入理解数据结构与JavaScript实践项目
- 双子座在线裁判系统:提高编程竞赛效率
