区域卫生信息化中单点登录系统的设计与实现

针对区域卫生信息化平台中的多个应用系统的统一认证授权和单一登录，以及基于角色的访问控制模型不能直接应用到单点登录中等问题，提出了一种基于角色组的角色控制策略和JASIG-CAS相结合的统一身份认证系统。中央认证服务(CAS)服务端引用MyBatis技术有效展示了子系统信息，各个应用系统之间采用Axis2来实现用户信息同步，并利用Session存储用户在各个系统中的权限来减少对数据库的频繁访问，从而显著改善了平台的性能。该单点登录系统实现了统一用户管理、统一权限分配、统一平台风格样式等功能。最后，采用专业压力测试工具LoadRunner8.0对平台进行了性能测试和分析，测试结果表明该系统总体性能稳定，平台设计合理。

Design and implementation of single sign-on system in regional health informatization

To address unified authentication and authorization,Single Sign-On(SSO) of multiple applications and that the Role-Based Access Control(RBAC) model can not be directly applied to the SSO problems in regional health information platform,this paper proposed a method based on a combination of role group control strategy and JASIG-CAS unified identity authentication system.Central Authentication Service(CAS) server used MyBatis technology to effectively show the subsystem information.Axis2 was used between the various application systems to keep consistency of user information.Besides,the authors made use of Session to store each user’s permissions to reduce the frequency of database access,thus significantly improving the performance of the platform.The SSO system achieved functions including unified user management,uniform assignment of permissions,unified platform features and so on.At last,the professional pressure testing platform LoadRunner8.0 was applied to the test and analysis of performance.The testing results show the performance of the system is stable and the design of the platform is reasonable.