Teach you how to design reusable SSO components (Design)

I went with my girlfriend over the weekend. I didn't write it. I'm sorry. I rushed to make it up after work.

The reusable design is mentioned here. The so-called reusable refers to the introduction of DLL, which can be used after configuration change, rather than openingSource codeChange east to west and then debug and debug the final OK. We try to improve the abstraction level to reduce system coupling.

First, the system requires a central authentication client consisting of multiple clients. Therefore, an SSO module and an PSO module are required. Both modules are composed of a tool class and an httpmodule.

Here, the Keeper class of SSO and the psoclient class of PSO are both httpmodule.

Keeper sets a URL in the configuration. It only listens to requests to this URL and is used to process requests from the PSO to query the SSO end for the existence of ssotoken. It contains the SSO logic.

Psoclient sets an exception list in the configuration. It listens to all requests outside the exception list and determines whether psotoken exists or whether the URL contains ssotoken. It includes the logic of the entire PSO.

Ticketcreator is a tool class used to generate ssotoken after a user logs on successfully.

These two components include all the logic, but there are some public things that we need to abstract (or they will become pasta-styleCodeNow :})

This project encapsulates the entire 3DES encryption and decryption, the logic of key generation, and the class usage in. Net encryption and decryption namespace is disgusting, so disgusting.

Encrypter encryption, decrypter decryption, Keymaker key generation, common is a common string operation class

This project contains all the basic logic of public data structures and operations, as well as the key retrieval and update function. To get rid of database dependencies, we use the file method here, in fact, to be honest, the efficiency is not low.

Keymanager is a key management operation class.

Psorequest is the structure of the ssotoken query request sent by the PSO to SSO and its operation class.

Ssoresponse is the structure of the request containing ssotoken sent to the PSO after the SSO authentication is successful and its operation class.

Ticket is the class used to operate the cookie ticket.

 

Practical Methods:

Introduce DLL to SSO site

Modify web. config

Add custom configuration and load httpmodule modules

In this way, the SSO site is configured.

Introduce DLL to the PSO site

Modify web. config

Add custom configuration and load httpmodule modules

OK

Now you can use keymanager to generate a key and IV file.

Check whether the Code has not been changed and you do not need to recompile it :}

 

The next chapter releases the main code and instructions

 

To be continue ......