Single sign-on Learning (1) Concept Chapter

1. What is single sign-on.

Single sign-on refers to the need to authenticate users only once in multiple application systems, can be accessed in each system, with two core features, one for centralized authentication, and the second for distributed environments that apply to multiple systems--if it's just an application, it doesn't make any sense.

2. Why do single sign-on.

More than a few sets of applications may be deployed in the enterprise today, if there is an ERP system, the system has its own user name certification system, there is a human resources management system, but also has its own user name and authentication system, an enterprise in such applications there are many, so you have to remember the N-user name, n more than the password, is deadly, Login to the ERP, want to use the human resources relationship system, sorry, you have to enter the human resources system username and password to do. There are some problems with this simple example--is there a solution, but I just need to enter the username and password once, and then I can use it in these systems. This can be, this is the single sign-on SSO (Sign on).

Certification process:

The core features of SSO have been introduced, and all requests for application systems are uniformly delegated to CAS services for authentication, as shown in

3. How to achieve single sign-on.

The above diagram has already described some, the simple talk mainly has two points, one point is the centralized authentication, after the authentication the CAS will issue a ticket--similar jsesionid to the current request, this dongdong provides the certificate which verifies between the CAS server and each business system, Therefore, it is required that each business system must also be able to resolve to obtain the ticket information