Two Web site data synchronization and login issues (how CSDN? ）

Two Web site data synchronization and login issues (Csdn How to do?) ）
Hi
The project encountered a problem, want to listen to your ideas

There are two websites, one developed with ASP, and the database is MSSQL
Another is PHP, the database is MySQL, now need to do:

Two Web site user data synchronization, that is, registered on any one site, on another site can log on, in addition to the login information to synchronize, but also need to synchronize points, that is, on two sites to engage in some behavior, can earn points, two sites can spend these points

Two sites deployed in the same room, the Web server can be high-speed access to the DB server, two sites with the same domain name of the different sub-domain, want to ask what ideas to let the two sites in sync, how to achieve a single sign on, there is no more mature approach or framework can be selected?

In addition: 1 "two stations" is not cross-domain ~ ~ 2 I also want to ask how csdn is integrated with Uchome?

Thank you

------Solution--------------------
You give a little bit of Ah!


About the effect you say! There are many ways to achieve it!

1.webservice

2. Share a subset of database data (anyway a room)

3.xxxx mode
------Solution--------------------
Using ucenter requires you to have an ASP decryption protocol the same as PHP.

The rest is easier.

The login information is distributed and synchronized by Ucenter.


If you use Web services, this can only be passive. Exit is out of sync.

Passive, need to check the webserver to check if there is no login or exit. If there is, then, consider logging in. This requires procedures often or when necessary, to check for webserver. If an app exits, he won't quit unless another program checks.




------Solution--------------------
Can be achieved by sharing the session:

See Ucenter synchronization mechanism talk about SSO

First of all, SSO (Single Sign-on), its general principle is that the site will have a common user authentication system, all the login log out are handled by this system. We can understand it as a site C, now have a B two sites need to synchronize, when the user access a, a first to visit C, to see if the user has registered in C, not directly jump to C to log in, after successful jump to a, and a cookie to retain the user information. At this point a login succeeds. When the user visits the B site, the system will return the value of the cookie to the authentication server, verify that it is legitimate, if legitimate, that the user has logged in, no need to re-login, if there are more sites, the same reason, so that the implementation of multiple site synchronization function. (The user session mechanism for each site here can be different, we can make each site build its own app session information based on the information returned by the authentication end.) ）

So in order to complete a simple SSO feature, two parts of the collaboration are required:
1, unified identity Authentication Service.
2, modify the Web application, so that each application through this unified authentication services to conduct identity verification.

Say Ucenter, mention this, used Hong Sing product person certainly very familiar, is it will Hong sing of many products link together, DISCUZ, Supesite, Uchome and so on, can through it to do user synchronization. The previous article "Ucenter Cross-domain, single-point landing mechanism analysis"

Http://www.trindo.cn/? ACTION=SHOW&ID=60 has roughly analyzed its implementation mechanism, mainly or log out of any site, to batch processing all existing in the Ucenter site list, to achieve its principle of synchronization.

Seeing here, we can see that the ucenter is actually a simple sso. But it has limitations, when the need to synchronize the site more time, ucenter processing will be very difficult (this is a lot of netizens should have deep experience). And if we use a common processing mechanism, no matter how many sites, it is not affected at all. Because only when we use a site, this site will interact with the authentication system, will not waste resources.

A time ago to do a project encountered a JSP site and PHP site synchronization requirements, here I used a synchronous PHP file, the main purpose of this file is a PHP and JSP encryption and decryption general function Encrypt,decrypt. The authentication system is written in JSP. This PHP synchronization file is included in the user needs to log in, when the user access to this page, (if already logged in the main station) the system will be the local presence of the cookie information to the authentication system, after the authentication process, if it is correct to return the user name, on the side of PHP can be based on the user name to handle the session here To achieve the purpose of login, if the authentication fails, then jump directly to the authentication system for certification.

