Java Single Sign-on

Source: Internet
Author: User

About Single sign-on issues, we must be in the project, or go out to interview is certainly more or less encountered similar problems, the following I have summarized the theoretical knowledge of the implementation of the code is not necessary.

Java single-system implementation of single-sign-on the original as follows:

1, the user first login, send the user name and password, enter the system, the system to verify.

2. Verify that the user is correct if the login page is not correctly returned, if correct, create a session and hold an ID value to send to the user.

3, the user page to get the ID is generally stored in the cookie.

4. The next time a user needs to request a resource, send the ID value directly in the cookie plus the resource that needs to be requested.

5, get this ID after judging whether the correct and then return the resources to the user, if there is no such ID content, and back to the first step.

In Java, distributed systems implement single sign-on as follows:

1, the user first log on, send the user name and password, enter the login server, verify success, create a token, and then give the home System 1 authorization token, home System 1 will create a session.

2, the user in the request System 2, the System 2 does not know whether the user is logged in, and then after the request to the login server, the login server will see if there is an authorization token, if any, return to System 2, let system 2 create a session.

4, the first time the user requests for this system, will go to the login server for verification, after verification, there is no need to verify again.

5, when the user chooses to log off, only need to send out the instructions sent to the login server, the login server will be the user in the entire subsystem logoff.

It was just a summary of a single sign-on blog, and I felt that it was too long and summed up several key points.

Java Single Sign-on

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.