Improved design and implementation of Java EE Project login mode

j2ee| Design | project SummaryJava EE is the current establishment and development of a variety of web applications of the mainstream platform, in this paper, the user login in the system of the existing problems, put forward an improvement program, detailed description of the system working principle, and specific business, given the implementation of the specific content, for the environment under the Java EE Unified Certification Centralized system management and rights management system provides a feasible solution.

　　 Key WordsJ2ee;web application, login;

　　 Introduction

In order to change the traditional way of login and make full use of network resources, we have improved the way of user login, set up the system of User account Authentication Center, and manage all kinds of data, manage login and logoff process for all users to establish network user login identity. Users only need to log in once, they can access their own permissions and resources, greatly facilitate the user's use, improve the utilization of the system resources benefit.

　　 Design of user login based on Java EE

The system uses a multi-tier (n-tier) development model, and the basic architecture is shown in Figure 1. The basic structure of the system is divided into four layers: System platform layer, service layer and application layer, and frame the data layer between the service layer and the system platform layer to make the system data independent and secure.


Fig. 1 The basic frame diagram of the system
The system platform uses the Java EE Standard, the application which based on the Java EE Standard development can transplant across the platform, and provides the various services which the enterprise calculates needs; most of the standards in Java EE define interfaces, such as Jndi, JDBC, and so on, so they can be matched with many vendors ' products and are easily supported The Java EE set up a broad and common standard that greatly simplifies the application development and deployment process. Operating systems can use operating systems based on Ms Windows, or UNIX, LUnix, and so on.

Above the system platform layer is the system's data layer, and the database can use XML. XML has good scalability, language is simple and effective, can be defined by itself, the separation of content and form, mainly depict the content of the data, do not consider the display effect, there are strict grammatical requirements, easy to analyze the unified and database information conversion, easy to transmit, in plain text form, can be directly transmitted through the HTTP protocol, Can cross firewalls and so on. The system can also employ Oracle, MS SQL Server, DB2, MySQL, and other databases.

With the support of the system platform layer and the data layer, the system provides service to the whole platform through the service layer. Provides support for applications and a standardized application interface. User Authentication Center is established in the service layer, to each user to establish a user identity, and is responsible for each login to the Customer System certification.

The application layer is architected on top of the service layer. Application layer includes a variety of integrated applications, such as command Automation network, political work propaganda network, financial network and so on. Because the system provides the standardized interface, so the existing application system within the unit and the future development of the application can be conveniently and seamlessly framed in the system platform application as long as the standardized interface is used.

The whole of this multi-level structure system, through the multi-level structure application, the system extensibility and flexibility are guaranteed, and has a broader applicability.

　　 implementation based on Java-EE user login

1. Principle of System Realization

The user accesses any page in the system component and the system goes to the login interface, and the system automatically transfers to the customer's last requested page after the user logs in. And users can then seamlessly switch in the system, do not need to log in again, to achieve a one-stop login. The System User login implementation principle is shown in Figure 2.


Figure 2 System User Login implementation diagram
System implementation steps are as follows:

⑴ user access to the application system.

⑵ Application System If you check that the user is not logged on to their server, redirect the user request to the user authentication Center.

The ⑶ user Authentication Center verifies the user's real-time status and automatically turns to the user login interface of the authentication center if the user does not log in. If you are already logged in, redirect the user identification and user token back to the application system.

⑷ user Authentication Center to authenticate the user, generate user token, redirect back to application system.

The ⑸ application system receives the user token of the uniform form, obtains the user's login account on the system, makes the user on the system status to log in, and returns the page that the user requests to visit.

⑹ If the user has logged on to the application system login server before accessing the application system, the second step to the fifth step is transparent to the user, and the user feels that only the access request is made to the application system and the correct page feedback is obtained.

From the above process, we can know that no matter what user access to the application system, users need only one login, to ensure that the user's status in the entire system is online, no longer need a second login.

2, the system realizes the key code

The system defines three session variables:

UserID: Identify the user identity;
Pass: Identifies the user's immediate status;
URL: Save the last requested page to ensure that the user can go to the requested page after logging in.

When initializing:

Protected void Init ()
{
Session.add ("UserID", 0);
Session.add ("Pass", false);
Session.add ("Url", "");
}
For the validation process, the passed parameters are first saved to the session. If the user is not logged in, go to the login.jsp page to log on. If the user is already logged in. Redirects the user identity and user token to the Application system access page.

private void Validate ()
{
BOOL pass = (BOOL) session["Pass"];
if (Request. GetString ["url"]!= null) && (request.getstring["url"]!= ""))
{
session["url"] = request.getstring["url"];
}
if (pass)
{
String UserID = session["UserID"]. ToString ();
String url = session["url"]. ToString ();
Response.Redirect (url+ "/apppage.jsp"?) Userid= "+ UserID +" &pass=true);
}
Else
{
Response.Redirect ("login.jsp")
}
}
　　 Concluding remarks

We have completed the implementation of the improved user login system in the Java EE system in this paper, and successfully applied to many Web application systems, it has been proved that the login system has the following characteristics:

⑴ has a seamless connection function. Be able to make the most of the existing system's identity authentication modules and existing user settings and permissions settings, as much as possible to protect existing investments, reduce the cost of reset user settings and permissions, and avoid large-scale changes to existing systems.

The ⑵ has good expansibility. Not only can support the existing application system and its existing user system, when developing and deploying a new application component, the system service can work as a form of its identity authentication module, that is, new component applications can achieve equivalent functionality by integrating the service into the form, without having to redesign the user system.

⑶ has flexible usage patterns. This system management provides the user with many kinds of login means, including the traditional password logon or the allotment user identity card, the user may use this system service freely in various ways. In order to improve the security of the system and save the cost, we use the USB storage device, the personal information stored in it, the login authentication, achieved good results.