PHP programming SSO detailed introduction and simple examples, php programming sso detailed introduction

Source: Internet
Author: User

PHP programming SSO detailed introduction and simple examples, php programming sso detailed introduction

Php sso details

SSO has three modes: ① Cross-subdomain single-point login ② full cross-point domain login ③ site group shared identity authentication

The first mode is simple. You only need to set the Cookie domain to the root domain of multiple applications.

The second method is to change the authentication address of the application to the same authentication address. Check whether the application is logged on to the authentication center each time. If yes, send an encryption token to the calling application.

The third type of cross-origin is to jump back and forth to verify that the token is slightly troublesome.

Configure directory structure

Create three new project directories under the root directory of the server:

|-/Website root directory/
|-/Oa/
|-/Bbs/
|-/Blog/

Create the functions. PHP script file in the root directory. The specific content is as follows:

<? Php/*** get login token * @ param string $ url get token address * 2017-01-03T13: 08: 43 + 0800 */function getToken ($ url) {$ bool = isLogin (); if ($ bool) {// if you log on to the header ('location: index. php '); exit () ;}// otherwise, you will not be logged in. Go to another site to check whether the header ('location :'. $ url) ;}// check whether the token is correct function yzToken ($ domain) {$ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; $ username = isset ($ _ GET ['username'])? $ _ GET ['username']: ''; $ token = isset ($ _ GET ['Token'])? $ _ GET ['Token']: ''; if (! Empty ($ username )&&! Empty ($ token) {$ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); // check whether the token is correct when a third-party site comes over. if ($ _ token ==$ token) {// set the Cookie setCook ($ username, $ _ token, $ domain); header ('location: index. php ') ;}}// set cookiefunction setCook ($ username, $ _ password, $ domain) {// The verification is successful. log on to setcookie ('username', $ username, time () + 3600, '/', $ domain); setcookie ('Token', $ _ password, time () + 3600, '/', $ domain ); Header ('location: index. php');} // determine whether to log on to function isLogin () {$ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token ==$ _ token) {return true;} else {return false ;}}?>

Under the oa project directory, create two script files: index. php and login. php.

Edit the index. php file

<? Php // OA site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('location: login. php'); exit ();} echo "welcome to the {$ username} user to visit the OA site";?>

Edit the login. php file

<? Php // OA site login system require '.. /functions. php '; // (2) Verify yzToken ('taoip. cn '); // (1) determines whether to log on to the homepage, if you are not logged on, go to another site to GET the token $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if (empty ($ url) {getToken ('HTTP: // dengpeng. cc/login. php? Url = http://oa.taoip.cn/login.php');} // (1) determine whether a user logs on to $ bool = isLogin (); $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if ($ bool) {if (empty ($ url) {header ('location: index. php ');} else {$ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ lurl = $ url .'? Username = '. $ username.' & token = '. $ token; header ('location:'. $ lurl) ;}} if (! Empty ($ _ POST) {$ username = isset ($ _ POST ['username'])? $ _ POST ['username']: ''; $ password = isset ($ _ POST ['Password'])? $ _ POST ['Password']: ''; // query the user password from the Database @ $ link = mysql_connect ('localhost', 'root ',''); mysql_query ('use sso ', $ link); mysql_query ('set names utf8', $ link); $ SQL = "select * from users where username = '". $ username. "'"; $ user = mysql_fetch_assoc (mysql_query ($ SQL, $ link); // check $ salt = 'taoip'; $ _ password = md5 ($ salt. $ username); // var_dump ($ user ['Password'] == _ password); // print_r ($ user); exit (); If ($ user ['Password'] == _ password) {// check successful, start logging on to setcookie ('username', $ username, time () + 3600, '/', 'taoip. cn '); setcookie ('Token', $ _ password, time () + 3600,'/', 'taoip. cn '); // if the URL has no value, it will be redirected to the homepage. Otherwise, it will be redirected to the URL page if (empty ($ url) {header ('location: index. php ');} else {header ('location :'. $ lurl) ;}}}?> <! DOCTYPE html> 

Create the index. php and login. php scripts under the bbs project directory.

Edit the index. php file

<? Php/*** @ author DengPeng <3@dengpeng.cc> * @ since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // BBS site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('location: login. php'); exit ();} echo "welcome to the {$ username} user to visit the BBS site";?>

Edit the login. php file

<? Php/*** @ author DengPeng <3@dengpeng.cc> * @ since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // BBS site login system require '.. /functions. php '; // (2) Verify yzToken ('taoip. cn '); // (1) determines whether to log on to the homepage, if you are not logged on, go to another site to GET the token $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if (empty ($ url) {getToken ('HTTP: // dengpeng. cc/login. php? Url = http://bbs.taoip.cn/login.php');} // (1) determine whether a user logs on to $ bool = isLogin (); $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if ($ bool) {if (empty ($ url) {header ('location: index. php ');} else {$ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ lurl = $ url .'? Username = '. $ username.' & token = '. $ token; header ('location:'. $ lurl) ;}} if (! Empty ($ _ POST) {$ username = isset ($ _ POST ['username'])? $ _ POST ['username']: ''; $ password = isset ($ _ POST ['Password'])? $ _ POST ['Password']: ''; // query the user password from the Database @ $ link = mysql_connect ('localhost', 'root ',''); mysql_query ('use sso ', $ link); mysql_query ('set names utf8', $ link); $ SQL = "select * from users where username = '". $ username. "'"; $ user = mysql_fetch_assoc (mysql_query ($ SQL, $ link); // check $ salt = 'taoip'; $ _ password = md5 ($ salt. $ username); // var_dump ($ user ['Password'] == _ password); // print_r ($ user); exit (); If ($ user ['Password'] == _ password) {// check successful, start logging on to setcookie ('username', $ username, time () + 3600, '/', 'taoip. cn '); setcookie ('Token', $ _ password, time () + 3600,'/', 'taoip. cn '); // if the URL has no value, it will be redirected to the homepage. Otherwise, it will be redirected to the URL page if (empty ($ url) {header ('location: index. php ');} else {header ('location :'. $ lurl) ;}}}?> <! DOCTYPE html> 

Under the blog project directory, create two script files: index. php and login. php.

Edit the index. php file

<? Php/*** @ author DengPeng <3@dengpeng.cc> * @ since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // blog site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('location: login. php'); exit ();} echo "welcome to the {$ username} user and visit the blog site";?> <? Php/*** @ author DengPeng <3@dengpeng.cc> * @ since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // blog site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('location: login. php'); exit ();} echo "welcome to the {$ username} user and visit the blog site";?>

Edit the login. php file

<? Php/*** @ author DengPeng <3@dengpeng.cc> * @ since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // blog site login system require '.. /functions. php '; // (2) Verify yzToken ('dengpeng. CC'); // (1) determine whether to log on. If you log on, you will be redirected to the homepage, if you are not logged on, go to another site to GET the token $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if (empty ($ url) {getToken ('HTTP: // oa.taoip.cn/login.php? Url = http://dengpeng.cc/login.php');} // (1) determine whether a user logs on to $ bool = isLogin (); $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if ($ bool) {if (empty ($ url) {header ('location: index. php ');} else {$ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ lurl = $ url .'? Username = '. $ username. '& token = '. $ token; header ('location :'. $ lurl) ;}/// (3) Determine whether the user has submitted data if (! Empty ($ _ POST) {$ username = isset ($ _ POST ['username'])? $ _ POST ['username']: ''; $ password = isset ($ _ POST ['Password'])? $ _ POST ['Password']: ''; // query the user password from the Database @ $ link = mysql_connect ('localhost', 'root ',''); mysql_query ('use sso ', $ link); mysql_query ('set names utf8', $ link); $ SQL = "select * from users where username = '". $ username. "'"; $ user = mysql_fetch_assoc (mysql_query ($ SQL, $ link); // check $ salt = 'taoip'; $ _ password = md5 ($ salt. $ username); // var_dump ($ user ['Password'] == _ password); // print_r ($ user); exit (); If ($ user ['Password'] == _ password) {setCook ($ username, $ _ password, 'dengpeng. cc '); if (empty ($ url) {header ('location: index. php ');} else {header ('location :'. $ lurl) ;}}}?> <! DOCTYPE html> 

Configure local VM

For specific configuration steps, I think everyone should have done it. I don't need to repeat it one by one. You just need to configure the ing with the corresponding directories of different domain names according to the reference given by me.

Domain name/project directory/
Oa.taoip.cn/oa/
Bbs.taoip.cn/bbs/
Dengpeng. cc/blog/

Congratulations, you have completed a simple SSO System

After the configuration is complete, remember to restart the Web server. Then you only need to visit these three different sites to achieve one site login, other sites no longer send login requests.

Thank you for reading this article. I hope it will help you. Thank you for your support for this site!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.