2015/9/22 22:35:50
Usually we use a single sign-on scenario where multiple applications need to share the user's underlying information and login status
2015/9/22 22:37:07
Several applications need to take into account these situations
1. Same main domain
2. Cross Domain
2015/9/22 22:41:17
I will analyze the use of the single sign-on scene, the characteristics of the scene, the way to achieve, problems encountered,
2015/9/22 22:42:29
After the user has logged in, we will record his login status
2015/9/22 22:43:26
Collect basic information (such as browser, IP access time) and set some parameters (ticket failure time), according to the corresponding rules to generate ticket
The ticket here serves as a checksum basis for the next time a user accesses a protected resource (the URL that needs to be logged in)
What are the characteristics of ticket?
2015/9/22 22:44:34
Timeliness, so here in the persistence, you can not first select the database, and select the cache
This is the part about ticket.
2015/9/22 22:45:24
Calibration for ticket
When a user accesses every protected resource, we need to check the ticket he's carrying.
See if the ticket is valid or expired
2015/9/22 22:46:23
Checksums can be divided into client checksums and service-side checksums
23:07:13
Here will be a single sign-on system, split into the client + service-side two parts, the client in the form of JAR package, service end of the service form
23:09:44
When the user first logs in, generate ticket, save the front-end session (distributed cache), and the back end for persistence
23:10:44
Storing ticket in cookies
There are two types of checksums (forms and asynchronous requests, get requests)
23:12:31
Get requests that can be cookie-session to the cookie backend via the client's interceptor in turn
Asynchronous request, through the front-end Package JS SDK, unified access, in turn to Cookie-session cookie-ticket value in the back end
23:14:10
Get request, for the user who needs to log in can make a page jump, and give the corresponding back-hop link
Asynchronous request, on the current access page, draw a frame, login verification
23:07:13
Here will be a single sign-on system, split into the client + service-side two parts, the client in the form of JAR package, service end of the service form
23:09:44
When the user first logs in, generate ticket, save the front-end session (distributed cache), and the back end for persistence
23:10:44
Storing ticket in cookies
There are two types of checksums (forms and asynchronous requests, get requests)
23:12:31
Get requests that can be cookie-session to the cookie backend via the client's interceptor in turn
Asynchronous request, through the front-end Package JS SDK, unified access, in turn to Cookie-session cookie-ticket value in the back end
23:14:10
Get request, for the user who needs to log in can make a page jump, and give the corresponding back-hop link
Asynchronous request, on the current access page, draw a frame, login verification
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
