Single sign-on is referred to as SSO. Here is a simple implementation that I spent a few hours writing; I am sharing the ideas behind it with you.
Background: A project uses ASP.NET Membership for its membership system and needs to log on to multiple systems simultaneously. The project's developers cannot build single sign-on on top of Membership.
Therefore, this single sign-on system needs to integrate seamlessly into any one of these systems, acting as the server side.
Let's take a look at the specific implementation steps; impatient readers can go straight to the code on GitHub: https://github.com/newmin/cms/blob/master/extend/Ops.Cms.Extend/SSO/
One. Define the main SSO methods:
1. The client needs to provide: login, logout, and get session.
```csharp
using System;
using System.Web;
using Ops.Cms.Extend.SSO;

namespace Ops.Cms.Extend.SSO.Client
{
    public interface ISessionClient
    {
        /// <summary>
        /// Handle SSO requests
        /// </summary>
        /// <param name="context"></param>
        void HandleSsoRequest(HttpContext context);

        /// <summary>
        /// Get the session
        /// </summary>
        /// <param name="sessionKey"></param>
        /// <returns></returns>
        SessionResult GetSession(String sessionKey);

        /// <summary>
        /// Get the session key
        /// </summary>
        /// <returns></returns>
        String GetSessionKey();

        /// <summary>
        /// Synchronize login
        /// </summary>
        /// <param name="user"></param>
        /// <param name="pwd"></param>
        /// <returns></returns>
        SsoResult Login(string user, string pwd);

        /// <summary>
        /// Synchronize logout
        /// </summary>
        /// <param name="sessionKey"></param>
        /// <returns></returns>
        SsoResult Logout(String sessionKey);
    }
}
```
2. The server needs to process client requests, which includes session management and client registration.
```csharp
using System;
using System.Collections.Generic;
using System.Text;
using System.Web;
using Ops.Framework.Extensions;

namespace Ops.Cms.Extend.SSO.Server
{
    // Outline of the server class; member bodies are not shown here.
    public class SessionServer
    {
        /// <summary>
        /// Register a client
        /// </summary>
        /// <param name="url"></param>
        public void RegisterClient(String url) { /* ... */ }

        /// <summary>
        /// Session management
        /// </summary>
        public SessionManager SessionManager { /* ... */ }

        /// <summary>
        /// Session service response
        /// </summary>
        public String Process(HttpContext context) { /* ... */ }

        /// <summary>
        /// Log in
        /// </summary>
        /// <param name="usr"></param>
        /// <param name="pwd"></param>
        /// <returns></returns>
        private SsoResult Login(string usr, string pwd) { /* ... */ }

        /// <summary>
        /// Log out
        /// </summary>
        /// <param name="sessionKey"></param>
        /// <returns></returns>
        private SsoResult LoginOut(string sessionKey) { /* ... */ }
    }
}
```
2.1 Client Registration
Clients are registered with the server, and when a login or logout result is returned, all registered clients are requested to synchronize.
2.2 Session Management
The server needs to store the relationship between members and session keys. In this implementation I used a key-value database, LevelDB, to back it.
The implementation also defines ISessionSet, which means the session can be stored in any way, as long as the ISessionSet interface is implemented.
ISessionSet.cs
```csharp
namespace Ops.Cms.Extend.SSO
{
    /// <summary>
    /// Session data collection
    /// </summary>
    public interface ISessionSet
    {
        /// <summary>
        /// Update session information
        /// </summary>
        /// <param name="key"></param>
        /// <param name="value"></param>
        /// <returns>The previous session information</returns>
        string Put(string key, string value);

        /// <summary>
        /// Delete session information
        /// </summary>
        /// <param name="key"></param>
        void Delete(string key);

        /// <summary>
        /// Get session information
        /// </summary>
        /// <param name="key"></param>
        string Get(string key);
    }
}
```
Three. Verify Members
Because member data does not live in this SSO system, a delegate is defined for verifying members, and it is passed in when the server is initialized.
```csharp
namespace Ops.Cms.Extend.SSO
{
    /// <summary>
    /// Login handling
    /// </summary>
    /// <param name="usr"></param>
    /// <param name="pwd"></param>
    /// <returns>The PersonID</returns>
    public delegate int SsoLoginHandler(string usr, string pwd);
}
```
The delegate returns an int value, which is the member's ID, so we also need to define a delegate that fetches the member's information:
```csharp
namespace Ops.Cms.Extend.SSO
{
    /// <summary>
    /// Handler that fetches a person
    /// </summary>
    /// <param name="personId"></param>
    /// <returns></returns>
    public delegate Person PersonFetchHandler(int personId);
}
```
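How the session store and the login delegate described above can fit together, as an added example that is not code from the original post or from the project. `MemorySessionSet`, `SessionService`, the `person:`/`session:` key prefixes, the one-active-session-per-member policy, and treating a non-positive ID as a failed login are all assumptions; the interface and delegate shapes are copied from the page so the block compiles on its own.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Shapes copied from the page so the example is self-contained.
public delegate int SsoLoginHandler(string usr, string pwd);
public interface ISessionSet
{
    string Put(string key, string value);   // returns the previous value, or null
    void Delete(string key);
    string Get(string key);
}

// Hypothetical in-memory store; the page's own store is backed by LevelDB.
public class MemorySessionSet : ISessionSet
{
    private readonly Dictionary<string, string> _map = new Dictionary<string, string>();
    public string Put(string key, string value)
    { lock (_map) { string prev; _map.TryGetValue(key, out prev); _map[key] = value; return prev; } }
    public void Delete(string key) { lock (_map) { _map.Remove(key); } }
    public string Get(string key) { lock (_map) { string v; return _map.TryGetValue(key, out v) ? v : null; } }
}

// Hypothetical login / lookup / logout flow built on the two abstractions.
public class SessionService
{
    private readonly ISessionSet _store;
    private readonly SsoLoginHandler _login;
    public SessionService(ISessionSet store, SsoLoginHandler login) { _store = store; _login = login; }

    public string Login(string usr, string pwd)
    {
        int personId = _login(usr, pwd);
        if (personId <= 0) return null;                 // assumption: ids are positive
        var raw = new byte[32];                         // 256-bit key from the OS CSPRNG,
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(raw);  // never System.Random
        string key = BitConverter.ToString(raw).Replace("-", "");
        string old = _store.Put("person:" + personId, key);
        if (old != null) _store.Delete("session:" + old);   // invalidate the member's previous key
        _store.Put("session:" + key, personId.ToString());
        return key;
    }

    // Returns the member id as a string, or null for an unknown or logged-out key.
    public string GetPersonId(string sessionKey) { return _store.Get("session:" + sessionKey); }

    public void Logout(string sessionKey)
    {
        string id = _store.Get("session:" + sessionKey);
        if (id == null) return;
        _store.Delete("session:" + sessionKey);
        _store.Delete("person:" + id);
    }
}
```

Because the session key is the only credential a client presents after login, it should be sent only over HTTPS and in cookies marked `HttpOnly` and `Secure`.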
Four. Start the server
At this point, we have completed the basic implementation.
PS: I haven't blogged in a long time, and it was hard work. The demo is attached directly:
https://github.com/newmin/cms/blob/master/extend/Ops.Cms.Extend/SSO/Demo/server.ashx.cs