为 了提高用户身份认证和授权管理的灵活性，从We b 应用系统的安全性角度出发，讨论了

一

种在． N E T F r a me w o r k下保证应用程序安全性的身份验证和授权模型，并给出了模型的具体实现方法。

该模型利用 F o r ms身份验证方法对用户的身份进行鉴别。在授权处理上，模型结合统一资源定位( u ． J f o r m

R e s o u r c e L o c a t o r , U R L ) 授权模式和用户所具有的系统角色，分别从页面级和页面操作级对用户的访问进行

控制。该模型在企业局域网环境内能够提供比较灵活的身份认证和基于角色的授权服务。实际应用表明，

基于该模型的We b应用系统能够对用户的访问进行有效的控制，从而保证了系统的安全性-In order to enhance user authentication and authorization management flexibility, from the We b application system security point of view, discussed

1

Species. NETF ra me work to ensure application security identity authentication and authorization model, and give a model of the specific methods of implementation.

The model F or ms using authentication methods on the user s identity were identified. At authorized treatment, the model combination of Uniform Resource Locator (u. J form

R esource L ocator, URL) authorization model and the user has the role of the system, separately from the page-level and page-level operations on the user s visit

Control. The model in the enterprise LAN environment can provide a more flexible role-based identity authentication and authorization services. Practical application shows that

Based on the model We b applications can access the user s effective control, thereby ensuring the system security