Abstract: Aiming at the drawback of general single sign-on solution to the Websites that has onerous coding and maintenance costs, this paper introduces reverse proxy to virtual concentration of Websites resources, combines it with Role-Based Access Control(RBAC) and LDAP, and proposes a new single sign-on model. According to the model, less coding is needed to the original websites, thus it has effective performance.

Key words: single sign-on, reverse proxy, Role-Based Access Control(RBAC), LDAP

摘要： 传统门户网站单点登录解决方案存在着对原有系统改动大、维护代价高的问题，该文利用反向代理机制实现网站群资源的虚拟集中，结合基于角色的访问控制(RBAC)模型及LDAP技术，设计并实现基于反向代理的单点登录解决方案。该方案不需要对原有系统进行接口编写和改造，具有优良的性能。

关键词: 单点登录, 反向代理, 基于角色的访问控制, LDAP技术

CLC Number: 

• TP393.07