This article describes how to implement SSO (single sign-on) in PHP with the Laravel framework. Laravel is a simple and elegant PHP web development framework: it frees you from spaghetti code and helps you build a web app in which each line of code is concise and expressive.
Simply put, I don't know whether I understand SSO or not.
Assume there are three sites: a.baidu.com, b.baidu.com and c.baidu.com.
A.baidu.com.
Sites b and c are used as clients (subsystems).
Sites b and c redirect to site a when a login is needed, passing a source parameter that indicates the link to jump to after login.
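Site a uses an ordinary login method (username and password verification). After verification succeeds, it does some processing: it needs to generate a ticket (how the ticket should be created is an open question) and store it in the Cache. The open questions are summarized later. After a successful login, it is enough to redirect directly to `$url`.

```php
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cache;

private function getTicketUrl($source)
{
    // The ticket must be unguessable, so take it from the CSPRNG
    // rather than from a hash of the current time.
    $ticket = bin2hex(random_bytes(16));
    // Store the logged-in user under the ticket. The TTL of 120 is in
    // minutes before Laravel 5.8 and in seconds from 5.8 onward.
    $user = Auth::user();
    Cache::put($ticket, $user, 120);
    $url = $source . '?ticket=' . $ticket;
    return $url;
}
```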
Assume that site a has redirected to site b with the ticket (b.baidu.com?ticket=xxxxxxxxxxxxxxxx).
Site b installs a global filter that accepts the ticket and then asks site a to verify whether the ticket was generated by site a.
The code of site b's filter, `App\Http\Middleware\CasAuthenticate`, follows. It checks whether a ticket is present and, if so, sends a request to site a for verification. If the user is logged in, the user's UID is obtained and used for login.
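```php
use Closure;
use Illuminate\Support\Facades\Auth;

public function handle($request, Closure $next)
{
    $ticket = $request->input('ticket');
    if ($ticket) {
        // Ask site a whether it issued this ticket.
        $response = file_get_contents('http://a.baidu.com' . '/auth/check-ticket?ticket=' . urlencode($ticket));
        $result = json_decode($response, true);
        if (is_array($result) && ($result['state'] ?? null) == "SUCCESS") {
            // Drop the old session and log in the user that site a returned.
            $request->session()->flush();
            Auth::loginUsingId($result['result']['uid']);
            // Redirect to the current URL, which no longer carries the ticket.
            return redirect(redirect()->getUrlGenerator()->current());
        }
    }
    return $next($request);
}
```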
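One way to write site a's side of this exchange (issuing the ticket and answering `/auth/check-ticket`), added here as an example and not code from the original article. `TicketService`, the in-memory array standing in for `Cache`, the `FAIL` state, the 60-second lifetime and the client-host argument to `check()` are assumptions; the point is a random, single-use ticket that is only handed to, and only accepted from, a known client site.

```php
<?php
// Added example (hypothetical class): ticket issuing and checking on site a.
final class TicketService
{
    private const CLIENT_HOSTS = ['b.baidu.com', 'c.baidu.com']; // the article's client sites
    private const TTL_SECONDS = 60;                              // assumed ticket lifetime
    private array $store = [];                                   // stands in for Laravel's Cache

    /** Issue a ticket for $uid; returns the redirect URL, or null if $source is not a known client. */
    public function issue(string $source, int $uid): ?string
    {
        $parts = parse_url($source) ?: [];
        $host = strtolower($parts['host'] ?? '');
        $scheme = strtolower($parts['scheme'] ?? '');
        if (!in_array($scheme, ['http', 'https'], true) || !in_array($host, self::CLIENT_HOSTS, true)) {
            return null; // never append a ticket to a URL outside the allow-list
        }
        $ticket = bin2hex(random_bytes(16)); // 128 bits from the CSPRNG
        $this->store[$ticket] = ['uid' => $uid, 'host' => $host, 'expires' => time() + self::TTL_SECONDS];
        return $source . (isset($parts['query']) ? '&' : '?') . 'ticket=' . $ticket;
    }

    /** Answer a check-ticket request from client $host, in the shape the middleware reads. */
    public function check(string $ticket, string $host): array
    {
        $entry = $this->store[$ticket] ?? null;
        unset($this->store[$ticket]); // single use: the same ticket cannot be checked twice
        if ($entry === null || $entry['expires'] < time() || $entry['host'] !== strtolower($host)) {
            return ['state' => 'FAIL'];
        }
        return ['state' => 'SUCCESS', 'result' => ['uid' => $entry['uid']]];
    }
}

// Constructed sample run: user 42 logs in on site a and is sent back to site b.
$sso = new TicketService();
$url = $sso->issue('http://b.baidu.com/home', 42);
parse_str(parse_url($url, PHP_URL_QUERY), $query);
var_dump($sso->check($query['ticket'], 'b.baidu.com')); // first check by site b
var_dump($sso->check($query['ticket'], 'b.baidu.com')); // same ticket presented again
var_dump($sso->issue('http://unknown.example/home', 42)); // source outside the allow-list
```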
The logic is complete, but there are several questions.
1. I have no idea whether this is true or not. I wrote it based on the principle.
2. Assume that site b now redirects to site c. Because site b is used frequently, its session is always there, while the cache time on site a is likely to have expired. When site b then redirects to site c, site c jumps to site a to check the login, and the result shows that the login has expired. Therefore, this is a problem. We do not consider this problem because our business modules are only loosely related and users will not jump between them at random. But this is indeed a problem for me. I have no idea.
That is all for this introduction to implementing SSO single sign-on in PHP (Laravel framework); I hope it helps you!