. NET implementation of single sign-on research process summary--"SSO"

One, single sign-on implementation results:

After the permission system is logged in, the newborn system can access the system through the interceptor, and the user logs off, destroys the local cookie, accesses the new link, and automatically jumps to the login homepage.

second, the main problems encountered:

Implementing cross-domain sharing of local cookies

Three, the solution:

1. After adding a ticket ticket=guid to the URL address and then depositing the ticket into the cache, the interceptor intercepts the permissions, obtains the parameters behind the ticket, and compares it to the local cache to determine if it can log in.

Reason for failure: The address and parameters of the browser cannot be obtained from the normal class.

2. Deposit user information to local cookie, Memacache as third-party cache, authenticate with local cookie and Memacache user login information when authorization is verified.

Reason for failure: the cookie deposited in Memacache cannot be removed.

3. Through the IO stream, the user information is stored locally, allowing the subsystem to log in when the interceptor intercepts the IO stream to obtain user authentication information.

Failure Reason: The subsystem is unable to monitor the TXT file containing the user's information.

4. Deposit cookies via the Var membervalidation = FilterContext.HttpContext.Request.Cookies.Get ("Selfuserinfo ") to obtain local cookies that enable authentication of local cookie information.

Four, feel:

1. Learn to stand on the shoulders of giants.

Initially want to all handwritten cas, but occasionally found that MVC comes with the method of log-generated tickets, through the bottom of learning these methods, not afraid of not knowing, afraid not to know

2. The black Cat White cat catches the mouse is the good cat.

The result of a single sign-on is simply to log in to a system that can access other trusted system applications, exit the system, and then exit the application.

Whether Java or. NET, this is good, not necessarily with the Java CAS login exactly the same.

3. Pair programming efficiency is high.

Different classmates, not the same idea, pair programming is not boring, the goal is consistent, high efficiency.

4. Study with the great God can learn a lot of things.

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

. NET implementation of single sign-on research process summary--"SSO"