Foreign-Language Translation -- OpenID for Java Web Applications.doc
Uploaded 2023-07-08 22:20:04
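Professional Foreign-Language Translation
Topic: Building a Small Business Website
Department (School): Department of Computer Science and Technology
Major: Computer Network Technology
Class:
Student name:
Student ID:
Advisor:
Title:
May 2, 2010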
**** Junior College Graduation Project (Professional Foreign-Language Translation)
OpenID for Java Web applications
Summary: OpenID is a decentralized authentication protocol that makes it easier for users
to access resources in your Java™ Web applications. In this first half of a two-part article,
you'll learn about the OpenID Authentication Specification and walk through the steps of
incorporating it into a sample Java application. Rather than implement the OpenID
Authentication specification by hand, author J. Steven Perry uses the openid4java library
and a popular OpenID provider, myOpenID, to create a safe and reliable registration
process for a Java application written in Wicket.
OpenID is a decentralized authentication mechanism. Using OpenID, I can prove I
own a URI such as http://openid.jstevenperry.com/steve, and I can use that identity to
authenticate myself with any site that supports OpenID — such as Google, Slashdot, or
WordPress. Clearly, OpenID is great for end users. But using it got me to thinking: "What
about using OpenID to create a standard, reliable authentication system for the Java-based
Web applications I write for my customers?"
In this two-part article I will show you how to use the openid4java library and a
well-known OpenID provider, myOpenID, to create an authentication system for a
Java-based Web application. I'll also show you how to receive user information with an
OpenID Simple Registration Extension (SReg).
I'll start by explaining what OpenID is and showing you how to get an OpenID of your
own. Next, I will present a brief overview of how OpenID authentication works. Finally, I
will walk through the steps involved in performing OpenID authentication using
openid4java. In the second half of this article, you'll learn how to create your own OpenID
provider.
Throughout the discussion I'll be working with a Wicket-based Java Web application
that I wrote specifically for this article. You can download the source code for the
application any time. You also might want to take a look at the openid4java library (see
Resources).
Note: This article focuses on using OpenID for Java Web applications, but OpenID
works in any software architectural scenario.
Introduction to OpenID
OpenID is a specification for proving a user owns an identifier. For now, just think of
an identifier as a String that uniquely identifies a user. If you're like me, you own many
identifiers or userids. I have a userid at Facebook, another at Twitter, and others at dozens
of sites that I use around the Internet. I always try to use the same userid but it's not
available on every new site I sign up for. So, I have a mental map of all of my userids and
the Web sites they're associated with. What a pain; I use the "Forget your password?"
feature a lot! It would be great if there were a way to claim a single identifier and use it
everywhere.
OpenID solves exactly this problem. Using OpenID, I claim an identifier and use it on
any site or Web resource that has adopted the protocol. The latest figures (from the OpenID
Web site) say that more than 50,000 Web sites support OpenID, including Facebook,
Yahoo!, Google, and Twitter.
OpenID authentication
OpenID authentication is at the heart of OpenID, and consists of three main concepts:
The OpenID Identifier: A String of text that uniquely identifies the user.
The OpenID Relying Party (RP): An online resource (probably a Web site, but it could be
a file, an image, or pretty much anything you want to control access to) that uses OpenID to
identify who can access it.
The OpenID Provider (OP): A site where users can claim an OpenID and subsequently
sign-in and authenticate their identity for the benefit of any RP.
The OpenID Foundation is a consortium whose members are interested in promoting
open source identity management through the OpenID specification.
How does OpenID work?
Suppose a user is attempting to access a resource that is part of an RP's Web site, and
the RP uses OpenID. To access the resource, the user must present his OpenID in a form
that can be recognized (normalized) as an OpenID. The OpenID is encoded with the OP's
location. The RP then takes the user's identifier and redirects the user to the OP, where he
will be required to prove his claim to that ID.
Let's briefly consider each component of the OpenID specification and its role in this
process.
OpenID Identifiers
At the heart of OpenID is, of course, the OpenID Identifier. An OpenID Identifier (or
just "identifier") is a human-readable String of characters that uniquely identifies someone.
No two users have the same OpenID, and that's what makes OpenID work. By following
stipulations in the OpenID Authentication Specification Version 2.0, OpenID RPs are able
to decode (or "normalize") an identifier to figure out how to authenticate a user. In the
operational world of OpenID, where we as developers write code, two identifiers are of
interest:
User-Supplied Identifier
Claimed Identifier
As the name suggests, a User-Supplied Identifier is the identifier supplied by the user
to the RP. The User-Supplied Identifier must be normalized into a Claimed Identifier,
which is just a fancy way to say that the identifier supplied by the user is transformed into a
standard form. The Claimed Identifier can then be used to locate the OP through a process
called discovery, after which the OP will authenticate the user.
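The normalization step described above, sketched as an added example (not code from the article or from openid4java). It follows the normalization steps of the OpenID Authentication 2.0 specification for URL identifiers; the class name IdentifierNormalizer is hypothetical, XRI identifiers are only detected and not resolved, and rejecting non-http(s) schemes outright is a choice made for this example.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;

public class IdentifierNormalizer { // hypothetical name, not part of openid4java
    /** Turns a User-Supplied Identifier into URL form; throws if the RP should not use it. */
    static String normalize(String userSupplied) throws URISyntaxException {
        String id = userSupplied.trim();
        // Step 1: drop an explicit xri:// prefix.
        if (id.regionMatches(true, 0, "xri://", 0, 6)) id = id.substring(6);
        if (id.isEmpty()) throw new IllegalArgumentException("empty identifier");
        // Step 2: a leading XRI global context symbol marks an XRI (not resolved in this sketch).
        if ("=@+$!(".indexOf(id.charAt(0)) >= 0) {
            throw new IllegalArgumentException("XRI identifier, not handled here");
        }
        // Step 3: otherwise it is a URL; assume http:// when the user typed no scheme.
        if (!id.contains("://")) id = "http://" + id;
        URI uri = new URI(id).normalize(); // also removes "." and ".." path segments
        String scheme = uri.getScheme() == null ? "" : uri.getScheme().toLowerCase(Locale.ROOT);
        // Assumption of this example: reject other schemes instead of rewriting them,
        // so discovery is never attempted against anything but an http/https URL.
        if (!scheme.equals("http") && !scheme.equals("https")) {
            throw new IllegalArgumentException("only http/https identifiers are accepted");
        }
        if (uri.getHost() == null) {
            throw new IllegalArgumentException("identifier has no usable host");
        }
        String rawPath = uri.getRawPath();
        StringBuilder out = new StringBuilder(scheme).append("://")
                .append(uri.getHost().toLowerCase(Locale.ROOT));
        if (uri.getPort() != -1) out.append(':').append(uri.getPort());
        out.append(rawPath == null || rawPath.isEmpty() ? "/" : rawPath);
        if (uri.getRawQuery() != null) out.append('?').append(uri.getRawQuery());
        return out.toString(); // the fragment, if any, is deliberately left out
    }

    public static void main(String[] args) {
        // Constructed inputs; the first is the identifier quoted in the article.
        String[] samples = {"http://openid.jstevenperry.com/steve", "Example.COM",
                "HTTPS://example.com/a/../user#frag", "=example", "ftp://example.com/user"};
        for (String s : samples) {
            try {
                System.out.println(s + " -> " + normalize(s));
            } catch (IllegalArgumentException | URISyntaxException e) {
                System.out.println(s + " -> rejected: " + e.getMessage());
            }
        }
    }
}
```

For URL identifiers the specification completes normalization during discovery, by following redirects to the final URL, which this offline sketch does not do.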
OpenID Relying Party
It is normally the RP that is presented with a User-Supplied Identifier, which is
normalized to a Claimed Identifier. The user's browser (the "User Agent") will be
redirected to the OP so that the user can provide his or her password and be authenticated.
The RP neither knows nor cares about the specifics of how a Claimed Identifier is
authenticated; it only wants to know whether the OP has successfully authenticated the user.
If so, the User Agent (again, probably the user's browser) is forwarded to the secure
resource that the user was attempting to access. If the user cannot be authenticated, then the
RP denies access.
OpenID Provider (OP)
The OP, or OpenID Provider, is responsible for issuing Identifiers and performing user
authentication. OPs also provide Web-based management of OpenIDs. OPs collect and hold
the following basic information about each user:
E-mail address
Full name
Date of birth
Postal code
Country
Primary language
When an OP is asked to authenticate a Claimed Identifier, the user's browser is
directed to a sign-in page where the user is challenged to enter his password. At that point,
control is with the OP. If the user is successfully authenticated, then the OP directs the
browser to a location specified by the RP (in a special "return-to" URL). If the user cannot
authenticate, he will probably receive a message from the OP that his authentication
attempt failed (at least that's the case with ClaimID and myOpenID, two popular OpenID
Providers).
Becoming an OpenID Relying Party
So now you know about the major components of OpenID and how they fit together.
For the remainder of the article, we'll focus on writing an OpenID Relying Party (RP) using
the open source openid4java library.
The first step in using OpenID is to get an identifier. It's easy to do: just go to
myOpenID and click the SIGN UP FOR AN OPENID button. Pick an OpenID like
redneckyogi or jstevenperry (both of which are mine, by the way). The sign up form will
tell you whether the userid you've chosen is already taken. If not, you'll be instructed to
enter a password, an e-mail address, some text in a JCaptcha-style text box (you're not a bot,
are you?), and that's it!
Some minutes later you'll get an e-mail at the address provided containing a link in it.
Click the link to confirm your e-mail address and — congratulations! — you now have an