Questions about data synchronization and login between the two websites (how does CSDN do ?)

Source: Internet
Author: User
How does CSDN implement data synchronization and login for two websites ?) I encountered a problem in the hi project. I would like to hear from you that there are two websites: one is developed using asp.net, the other is mssql, and the other is php. the database is mysql. now we need to do this: the user data of the two websites is synchronized, that is, the user data is registered on any website and can be logged on to the other website. in addition to the login information to be synchronized, the points must also be synchronized, that is to say, if you do some behavior on both websites, you can get the problem of data synchronization and login between the two websites (how does CSDN do ?)
Hi
I have encountered a problem in the project. I 'd like to hear your thoughts.

There are two websites. one is developed using asp.net and the database is mssql.
The other is to use php and the database is mysql. now we need:

The user data of the two websites is synchronized, that is, the user data is registered on any website and can be logged on to the other website. in addition to the login information to be synchronized, the points must also be synchronized, that is to say, you can earn points for performing some actions on both websites. these points can be spent on both websites.

The two websites are deployed in the same data center, and the web server can access the db server at high speed. The two websites use different subdomains of the same domain name, I would like to ask if you have any ideas for synchronizing these two websites and how to implement single sign on. Is there any mature method or framework to use?

In addition, 1 "two sites" are not cross-domain ~~ 2. how is CSDN integrated with uchome?

Thank you.

------ Solution --------------------
You did not score much!


About what you said! There are multiple implementation methods!

1. webservice

2. share part of the database data (the opposite IDC)

3. xxxx method
------ Solution --------------------
Ucenter requires that you have an asp decryption protocol that is the same as that of php.

Others are easier.

The ucenter distributes and synchronizes logon information.


If you use web services, this may only be passive. Exit and do not synchronize.

Passive. when you need to check whether webserver has logged on or exited, go to the webserver. If yes, log on. This requires the program to check webserver frequently or whenever necessary. if one application exits, it will not exit unless the other program checks.




------ Solution --------------------
You can achieve this by sharing sessions:

View the UCENTER synchronization mechanism and talk about SSO

First, let's talk about SSO (single sign-on). the general principle of SSO is that the site has a public user authentication system, and all login and logout operations are handled by this system. We can understand it as Site C. now there are two sites in site A and B that need to be synchronized. when A user accesses Site A, A first accesses Site C to see if the user has registered in Site C, if not, log on to C directly. after successful logon, A is redirected to A, and a cookie is stored on A to retain user information. A is successfully logged on. When you access site B again, the system will return the COOKIE value to the authentication server together to verify whether it is legal. if it is legal, it determines that the user has logged on and does not need to log on again, if there are more sites, the principle is the same, so that multiple sites can be synchronized. (The user session mechanism of each site can be different here. we can make each site build the session information of its own application based on the information returned by the authentication end .)

Therefore, in order to complete a simple SSO function, we need to cooperate with the following two parts:
1. uniform identity authentication service.
2. modify the Web application so that each application performs identity verification through this unified authentication service.

Speaking of UCENTER, people who have used Kangsheng products must be familiar with this, that is, it associates many products of Kangsheng, such as DISCUZ, SUPESITE, and UCHOME, you can use it to synchronize users. Previous article: UCenter Cross-Origin and single-point login mechanism analysis

Http://www.trindo.cn /? Action = show & id = 60 has roughly analyzed its implementation mechanism. it mainly processes the list of all sites that exist in the UCENTER in batch when logging on to or from any site, the principle of synchronization.

We can see that UCENTER is a simple SSO. However, it has limitations. when there are many sites in the same step, UCENTER will be very difficult to process (many netizens should have a deep understanding of this ). If we adopt a common processing mechanism, no matter how many sites there are, it will not be affected. This is because only when we use a site will the site interact with the authentication system and will not waste resources.

Some time ago, when I had a project, I met the need to synchronize a JSP site with a PHP Site. here I used a synchronized PHP file, the main purpose of this file is to use a common function of encryption and decryption between PHP and JSP, encrypt and decrypt. The authentication system is written in JSP. This PHP synchronization file contains the location where the user needs to log on. when the user accesses this page (if the user has logged on to the main site), the system will throw the local COOKIE information to the authentication system, after authentication, if the authentication is correct, the user name is returned. on The PHP side, you can process the session mechanism based on the user name to log on. if authentication fails, then you can directly jump to the authentication system for authentication.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.