Demo of cross-platform, cross-server, cross-site SSO (Single Sign-On) Solution

Login

1. Open website a to log on;

2. Check whether the login server is available;

3. If the login server is available, check that the Login Server session is not created;

4. Redirect to the page of website a and accept serialized data composed of keys and UIDs sent from the login server;

5. the obtained key is 1, indicating that the Login Server session has not been created. The session is created on website, after logon, use <SCRIPT> to access the page on the login server to create a session and record the website name and website logout page address;

6. log on to website B and check whether the login server is available;

7. If the login server is available, check that the Login Server session has been created and the website name and website logout page address have been recorded;

8. Redirect to the page of website B and accept serialized data composed of keys and UIDs sent from the login server;

9. If the obtained key is not 1, it indicates that the Login Server session has been created, and the key is verified in the database. After the verification is passed, the session is created on website B.

Logout

1. Each website has a Logout button. click the button to clear the local session first;

2. Check whether the login server is available;

3. If available, go to the login server logout page;

4. Generate a logon page pointing to the logout page of each website based on the logged-on website name and logout page address stored in the session;

5. After successfully logging out, the page will display an image (the image stream is returned). If logout fails (the page cannot be accessed), the local logout failure image will be displayed.

 

Features

1. the login server can log on and log out from each website even if it is down;

2. cleverly use the temporary guid for verification token;

3. Use script and img src to access the logon and logout page to create and cancel a session.

Download complete code

Tested:
1. log on to the server and deploy the two websites on the three servers. log on and exit at the same time.
2. log on to the server and shut down. Both websites can log on and exit.

Note: Login and websitetest are respectively logon websites and test websites. During the test, websitetest is deployed to two servers, and login is deployed to the third server. Note the following in the web. config file of websitetest:
<Deleetask>
<Add key = "reglogin" value = "http: // PC-yzhu/login/default. aspx? Key = {0} logouturl = {1} name = {2} "/>
<Add key = "loginurl" value = "http: // PC-yzhu/login/default. aspx? Url = {0} logouturl = {1} name = {2} "/>
<Add key = "logouturl" value = "http: // PC-ywgong/website/logout. aspx"/>
<Add key = "name" value = "website"/>
</Appsettings>

This code is a test code, which is messy. If we have time, we will encapsulate everything into custom controls and classes.

Some netizens do not understand the basic principles. You can click here to download the simplest code.

Posted on lovecherry read (1734) Comments (15) EDIT favorites