Implementation of Single Sign-On in projects

Recently, I am working on a login function. After several days of struggle, I have been searching for a function that can implement Single-point logon elegantly. In the blog Park, I saw someone write an ugly and long eight-part article.ArticleAnd did not see anything valuable.

In fact, spof eventually solves the problem of cookie sharing among multiple different domain names. However, it is very difficult to share a cookie between different domain names. To create a cookie under a domain name, you must access the cookie.

Domain name. There are many ways to create an IFRAME on the Internet. You can see how to dynamically create an IFRAME implementation, and access the page of a domain name in the IFRAME to plant the cookie. This method requires writing some JS Code.CodeIt seems a little tired, so I finally

I chose to use page Jump. unexpectedly, the effect was much better than I expected, and the browser could hardly see any traces of jump.

The following process is described in detail:

1. The project has three different domain names: login.susucms.com, suhow.com, and sigcms.com. Login.susucms.com/login.aspxis the webpage. The function is implemented by using login.susucms.com/login.aspxwhen it is available.

2. Add an SSO. ASPX page under suhow.com and sigcms.com respectively.

3. When the user.

The core of the entire process is jump. No more. After testing, the server responds very quickly and almost does not feel any jump. Therefore, there are several domain names to jump to. I think there is no major problem.

Simple code:

1. login.susucms.com/login.aspx

 
If (islogin) {var login = new crossdomainlogin {key = guid. newguid (). tostring (), createtime = datetime. now}; datacontext. crossdomainlogins. insertonsubmit (LOGIN); datacontext. submitchanges (); writeauthenticationcookie (); response. redirect ("http://suhow.com/sso.aspx? Key = "+ login. Key );}
 

2. suhow.com/sso.aspx

Var key = request. querystring ["key"]; var login = datacontext. crossdomainlogins. firstordefault (I => I. Key = Key); If (LOGIN! = NULL) {// key will be expired in 3 minutes if (datetime. now> login. createtime. addminutes (3) {removekey (LOGIN); // delete key from database response. redirect ("http://login.susucms.com/login.aspx");} else {writeauthenticationcookie (); response. redirect ("http://sigcms.com/sso.aspx? Key = "+ login. Key) ;}} else {//....}
 

3. sigcms.com/sso.aspx

Var key = request. querystring ["key"]; var login = datacontext. crossdomainlogins. firstordefault (I => I. Key = Key); If (LOGIN! = NULL) {// key will be expired in 3 minutes if (datetime. now> login. createtime. addminutes (3) {removekey (LOGIN); // delete key from database response. redirect ("http://login.susucms.com/login.aspx");} else {writeauthenticationcookie (); removekey (LOGIN); // delete key from database response. redirect ("http://login.susucms.com/admin/default.aspx");} else {//....}
 

---------------- Update -------------------

The project is complex, and the website user's background displays the page content by IFRAME. Therefore, the cross-origin code is adjusted to the background page for execution.

The code for key expiration will not be pasted.

The link about hechong tianfa is not actually used for cross-origin.

1 VaR login = datacontext. crossdomainlogins. firstordefault (I => I. Key = Key );
 2       If (LOGIN! = Null )
 3 {
 4 Clientscript. registerclientscriptinclude ( "  Suhow  " , String . Format ( "  Http://suhow.com/sso.aspx? Key = {0} " , Login. Key ));
 5 Clientscript. registerclientscriptinclude ( "  Sigcms  " , String . Format ( "  Http://sigcms.com/sso.aspx? Key = {0}  " , Login. Key ));
 6 }