Single Sign-On (sign-on)
1. Single sign-on in the same domain
When you log in, set the domain of the cookie.
2. Cross-domain Single sign-on
The point is, how to save the login ID on the browser side.
Festival map: (Brain Tonic)
Three systems:
A.aaa.com
B.bbb.com
S.sso.com
Hypothetical condition: The user first opens the system without disabling cookies.
1, the user opens the browser to access a system requires login Authorization page, a system returns redirection information.
2, redirect to the s system, to log in.
3. After the login is complete, the S system returns redirection information, followed by a token after the redirect path.
4, when the information returned to the browser, the browser saves the s system login information , jump to a system.
5, a system verification token, verification through, open the corresponding page.
6, Access B system, B system returns redirection information.
7, the browser will save the s system's login system, carried to the S system .
8, s system, judged to have been certified. Returns redirection to System B, followed by token after the redirect path.
9, B System verification token, verification through, open the corresponding page.
Single Sign-on-sso