R1 Framework is the basic platform for R1 component integration support environment. You can see the location of R1 Framework in the following chart:
Key functions of R1 Framework are as follows:
£±¡¢Directory service
Directory service is to conduct unified management of common resources based platform applications in the form of directory and provide basic services.
Directory service can cover the whole industry/enterprise application system and support standard LDAP protocol.
¡¡£¨1£©Staff directory management: The platform provides unified staff basic information management function and centralized maintenance of staff information. It also provides unified API service for upper-layer applications and allows upper-layer applications to extend related information;
¡¡£¨2£©Institutional organization directory management: It provides unified institutional organization management function and associates with staff directory management.
£²¡¢Application system security support
¡¡£¨1£©System sign-on access supports multiple security strategies (password security strategy, IP restriction strategy, etc);
¡¡£¨2£©User application access security. It can ensure the overall management of the system manager and the internal management of various business departments;
¡¡£¨3£©User behavior record and anti-denial;
¡¡£¨4£©System operation state record;
£³¡¢Application support for centralized management
The platform enables users to implement single sign-on and subsystem authority while using various application software.
¡¡¡¡¡¡Provide strong single sign-on (SSO) suppor
 |
Key enhanced features:
- LTPA authentication mechanism based on cross-application server provides good transplantability;
- Platform development-based application inherits the SSO ability and is transparent to developers;
- Support B/S (Java, .NET application) and C/S (common Win32 application) and one-stop sign-on. Only little change needs to be done for existing applications. It also can provide second sign-on support for existing applications that cannot be changed;
- Support user¡¯s adoption of PKI security system. It uses the CA authentication system to implement user authentication and single sign-on;
- Introduce platform trust domain. Within the trust domain, mutual SSO roaming and random switch can implement among multiple platform;
- Support the application to cross multiple browser domains, enabling users to integrate applications from various domains;
- Support the integration with application server JAAS sign-on and provide standard integration;
¡¡¡¡£¨2£©Provide unified staff authority management function
Comply with RBAC (role-based access control) authority management specifications, ensure unified authority control, support role authority allocation according to staff, organization, ranking, post and complicated expression formula, and support entrust and graded management of the authority. Various application software use the platform authority management function to control the access. The data-level authority shall be implemented by the application itself.
¡¡¡¡£¨3£©Support the adoption of ASP (Application Service Provide) approach to dynamically construct the application system.
(Example: application assembly with R1) |
