Single Sign-on

What is single sign-on?

Single Sign-on, or SSO, is one of the most popular solutions for enterprise business integration at the moment. The definition of SSO is that in multiple application systems, users can access all trusted applications with only one login.

How to implement single sign-on

Using cookies as a voucher medium

The simplest way to implement a single sign-on is to use cookies as a medium to store user credentials.

After the user logs in to the parent app, the app returns an encrypted cookie that, when the user accesses the sub-app, carries this cookie, authorizes the app to decrypt the cookie and checks it, and checks to log in to the current user.

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M01/89/C4/wKioL1gcKa3xuiSYAADozfjqaPQ359.jpg-wh_500x0-wm_3 -wmp_4-s_3166792663.jpg "title=" 79702-b33138a8d24fc12b.jpg "alt=" Wkiol1gcka3xuisyaadozfjqapq359.jpg-wh_50 "/>

A cookie exists in the browser when the user logs on

private void initcookie (string pin)  {try { Cookievalidate cookievalidate = new cookievalidate (); Cookievalidate.setpin (PIN); Cookievalidate.setceshi (Securityutil.md5 (New stringbuffer (Cookieencrypt.get ("DesPrefix")). Append (PIN). Append (Dateutil.formatdate (New date ())). ToString ()); Cookievalidate.settest (Securityutil.encrypt (new  stringbuffer (PIN). Append (","). Append (Dateutil.formatdate (New date ())). ToString (),  Cookieencrypt.get ("Deskey")); Cookievalidate.setip (SECURITYUTIL.MD5 (request)); Cookievalidate.setbrower (SECURITYUTIL.MD5 (Request.getheader ("user-agent")); String cookiestring = escapeutil.escape (Jsonutil.tojson (cookievalidate)); Cookieutil.createdcookie (Cookieencrypt.get ("Logincookiename"), cookiestring, -1);}  catch  (exception e)  {log.error ("###### initcookie error ######",  e);}} 

Log in the interceptor to determine if the cookie resolves the correct user

If you do not jump to the login page correctly

The problem with this approach:

1. Cookies are not safe

2, can not be implemented across the domain to avoid landing

Single Sign-on