SSO(单点登录)

自己动手写SSO(单点登录)

标签: sso 登录 | 发表时间:2014-03-02 15:01 | 作者:

分享到:

出处:http://www.iteye.com

SSO在我们的应用中非常常见,例如我们在OA系统登录了,我们就可以直接进入采购系统,不需要再登录了,这样使我们非常方便。现在网上也有很多实现方法,于是乎我也想写一个看看。我主要用到的是cookie的机制。在此,分享给大家, 同时提供源代码下载

进入主题:

工程说明

SSO的实现一般是会有一个SSO Server,也会叫认证中心,同时也会有被认证的系统,如OA系统、采购系统等,他们就相当于SSO Server的client。

为了更形象体现SSO,我写的SSO是有三个工程:一个SSO Server端口为8081,一个OA系统端口为8082,一个采购系统端口为8083。如图:


  流程介绍

在整个SSO流程当,有两个流程非常重要,第一个是用户没有登录系统到登录系统的过程;第二是用户在一个系统当中已经登录(例如在OA系统中登录 了),但又想进入另一个系统(例如进入PRO系统)的过程,如果把这两个过程搞定了,那么SSO也就搞定了。我画了两幅图来说明这两个过程。

先看用户没有登录系统到登录系统的过程,如图:


 1:用户通过URL访问OA系统。

2:在OA系统中的filter发现这个URL没有ticket(你暂且就把ticket看做是门票),此时就会跳转到SSO Server。

3:SSO Server中的filter发现该客户端中的cookie中没有相应信息,也即是一个没有登录的用户,那么会跳转到登录页面。

4:用户在登录页面填写相应信息,然后通过post方式提交到SSO Server中。

5:SSO Server会校验用户信息(我为了快,我的校验方式就是要用户名为:cloud,同时密码为:cloud),同时在cookie中放username。

6:将生成ticket和username放到JVMCache中,在实际项目应该放到Memcached中,它的用处等下分析。

7,8:就是在用户访问OA系统的URL基础上加上了一个ticket参数,这样跳转到OA系统。

(此时进入OA系统时,filter发现URL是带ticket的,则filter会根据带过来的ticket并通过HttpClient的形式去调用SSO Server中的TicektServlet,这样就会返回用户名,其实这个用户名就是从JVMCache拿到的,同时马上将这个ticket从JVMCache中移除,这样保证一个ticket只会用一次,然后把返回的用户名放到session中)

9:session中有了用户名,说明用户登录成功了,则会去本应该返问的servlet。

10,11:将OA系统返回的视图给用户。

第二过程,用户已经登录成功了,但要访问另一个系统,如图:


  1:用户通过URL访问PRO系统。

2:在PRO系统中的filter发现这个URL没有ticket,此时就会跳转到SSO Server。此时,由于用户登录了,所以cookie中有相应的信息(例如用户名),此时SSO Server中的filter会生成一个ticket。

3:将生成的ticket和username放到JVMCache中。

4:就是在用户访问PRO系统的URL基础上加上了一个ticket参数,这样跳转到PRO系统。

(此时进入PRO系统时,filter发现URL是带ticket的,则filter会根据带过来的ticket并通过HttpClient的形式去调用SSO Server中的TicektServlet,这样就会返回用户名,其实这个用户名就是从JVMCache拿到的,同时马上将这个ticket从JVMCache中移除,这样保证一个ticket只会用一次,然后把返回的用户名放到session中)

5:session中有了用户名,说明用户登录成功了,则会去本应该返问的servlet。

5,7:将PRO系统返回的视图给用户。

关键代码

先看SSO Server工程中的代码:

pom.xml

(注意:端口为8081)

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.cloud.sso.server</groupId>
  <artifactId>sso-server</artifactId>
  <packaging>war</packaging>
  <version>0.0.1-SNAPSHOT</version>
  <name>sso-server Maven Webapp</name>
  <url>http://maven.apache.org</url>
  <dependencies>
      <dependency>
          <groupId>javax.servlet</groupId>
          <artifactId>servlet-api</artifactId>
          <version>2.5</version>
          <scope>provided</scope>
      </dependency>
  </dependencies>
  <build>
    <finalName>sso-server</finalName>
    <plugins>
      <plugin>
          <groupId>org.mortbay.jetty</groupId>
          <artifactId>jetty-maven-plugin</artifactId>
          <version>8.1.9.v20130131</version>
          <configuration>
              <stopKey>stop</stopKey>
              <stopPort>6000</stopPort>
              <webAppConfig>
                  <contextPath>/sso</contextPath>
              </webAppConfig>
              <scanIntervalSeconds>4</scanIntervalSeconds>
              <connectors>
                  <connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
                      <port>8081</port>
                      <maxIdleTime>60000</maxIdleTime>
                  </connector>
              </connectors>
          </configuration>
      </plugin>
    </plugins>
  </build>
</project>

SSO Server中的filter

SSOServerFilter.java

package com.cloud.sso.server.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.cloud.sso.server.JVMCache;

public class SSOServerFilter implements Filter {

    @Override
    public void destroy() {
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String service = request.getParameter("service");
        String ticket = request.getParameter("ticket");
        Cookie[] cookies = request.getCookies();
        String username = "";
        if (null != cookies) {
            for (Cookie cookie : cookies) {
                if ("sso".equals(cookie.getName())) {
                    username = cookie.getValue();
                    break;
                }
            }
        }

        if (null == service && null != ticket) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        if (null != username && !"".equals(username)) {
            long time = System.currentTimeMillis();
            String timeString = username + time;
            JVMCache.TICKET_AND_NAME.put(timeString, username);
            StringBuilder url = new StringBuilder();
            url.append(service);
            if (0 <= service.indexOf("?")) {
                url.append("&");
            } else {
                url.append("?");
            }
            url.append("ticket=").append(timeString);
            response.sendRedirect(url.toString());
        } else {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {
    }

}

两个servlet:

LoginServlet.java

package com.cloud.sso.server.servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.cloud.sso.server.JVMCache;

public class LoginServlet extends HttpServlet {
    private static final long serialVersionUID = -3170191388656385924L;

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        this.doPost(request, response);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String service = request.getParameter("service");

        if ("cloud".equals(username) && "cloud".equals(password)) {
            Cookie cookie = new Cookie("sso", username);
            cookie.setPath("/");
            response.addCookie(cookie);

            long time = System.currentTimeMillis();
            String timeString = username + time;
            JVMCache.TICKET_AND_NAME.put(timeString, username);

            if (null != service) {
                StringBuilder url = new StringBuilder();
                url.append(service);
                if (0 <= service.indexOf("?")) {
                    url.append("&");
                } else {
                    url.append("?");
                }
                url.append("ticket=").append(timeString);
                response.sendRedirect(url.toString());
            } else {
                response.sendRedirect("/sso/index.jsp");
            }
        } else {
            response.sendRedirect("/sso/index.jsp?service=" + service);
        }
    }

}

TicketServlet.java

package com.cloud.sso.server.servlet;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.cloud.sso.server.JVMCache;

public class TicketServlet extends HttpServlet {
    private static final long serialVersionUID = 5964206637772848290L;

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        super.doGet(request, response);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String ticket = request.getParameter("ticket");
        String username = JVMCache.TICKET_AND_NAME.get(ticket);
        JVMCache.TICKET_AND_NAME.remove(ticket);
        PrintWriter writer = response.getWriter();
        writer.write(username);
    }

}

JVMCache.java

package com.cloud.sso.server;

import java.util.HashMap;
import java.util.Map;

public class JVMCache {

    public static Map<String, String> TICKET_AND_NAME = new HashMap<String, String>();
}

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:jsp="http://java.sun.com/xml/ns/javaee/jsp" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

    <filter>
        <filter-name>ssoServerFilter</filter-name>
        <filter-class>com.cloud.sso.server.filter.SSOServerFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>ssoServerFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <servlet>
        <servlet-name>login</servlet-name>
        <servlet-class>com.cloud.sso.server.servlet.LoginServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>login</servlet-name>
        <url-pattern>/user/login</url-pattern>
    </servlet-mapping>

    <servlet>
        <servlet-name>ticket</servlet-name>
        <servlet-class>com.cloud.sso.server.servlet.TicketServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>ticket</servlet-name>
        <url-pattern>/ticket</url-pattern>
    </servlet-mapping>
</web-app>

下面是OA系统中的代码:

pom.xml

(注意:端口为8082)

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.cloud.sso.oa</groupId>
  <artifactId>sso-oa</artifactId>
  <packaging>war</packaging>
  <version>0.0.1-SNAPSHOT</version>
  <name>sso-oa Maven Webapp</name>
  <url>http://maven.apache.org</url>
  <dependencies>
      <dependency>
          <groupId>javax.servlet</groupId>
          <artifactId>servlet-api</artifactId>
          <version>2.5</version>
          <scope>provided</scope>
      </dependency>
      <dependency>
          <groupId>commons-httpclient</groupId>
          <artifactId>commons-httpclient</artifactId>
          <version>3.1</version>
      </dependency>
  </dependencies>
  <build>
    <finalName>sso-oa</finalName>
    <plugins>
      <plugin>
          <groupId>org.mortbay.jetty</groupId>
          <artifactId>jetty-maven-plugin</artifactId>
          <version>8.1.9.v20130131</version>
          <configuration>
              <stopKey>stop</stopKey>
              <stopPort>6000</stopPort>
              <webAppConfig>
                  <contextPath>/oa</contextPath>
              </webAppConfig>
              <scanIntervalSeconds>4</scanIntervalSeconds>
              <connectors>
                  <connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
                      <port>8082</port>
                      <maxIdleTime>60000</maxIdleTime>
                  </connector>
              </connectors>
          </configuration>
      </plugin>
    </plugins>
  </build>
</project>

OA系统中的filter:

SSOClientFilter.java

package com.cloud.sso.oa.filter;

import java.io.IOException;
import java.net.URLEncoder;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.PostMethod;

public class SSOClientFilter implements Filter {

    @Override
    public void destroy() {
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        HttpSession session = request.getSession();
        String username = (String) session.getAttribute("username");
        String ticket = request.getParameter("ticket");
        String url = URLEncoder.encode(request.getRequestURL().toString(), "UTF-8");

        if (null == username) {
            if (null != ticket && !"".equals(ticket)) {
                PostMethod postMethod = new PostMethod("http://localhost:8081/sso/ticket");
                postMethod.addParameter("ticket", ticket);
                HttpClient httpClient = new HttpClient();
                try {
                    httpClient.executeMethod(postMethod);
                    username = postMethod.getResponseBodyAsString();
                    postMethod.releaseConnection();
                } catch (Exception e) {
                    e.printStackTrace();
                }
                if (null != username && !"".equals(username)) {
                    session.setAttribute("username", username);
                    filterChain.doFilter(request, response);
                } else {
                    response.sendRedirect("http://localhost:8081/sso/index.jsp?service=" + url);
                }
            } else {
                response.sendRedirect("http://localhost:8081/sso/index.jsp?service=" + url);
            }
        } else {
            filterChain.doFilter(request, response);
        }
    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {
    }

}

OAServlet.java

package com.cloud.sso.oa.servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class OAServlet extends HttpServlet {
    private static final long serialVersionUID = 3615122544373006252L;

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        request.getRequestDispatcher("/WEB-INF/jsp/welcome.jsp").forward(request, response);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        this.doGet(request, response);
    }

}

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:jsp="http://java.sun.com/xml/ns/javaee/jsp" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

    <filter>
        <filter-name>ssoClientFilter</filter-name>
        <filter-class>com.cloud.sso.oa.filter.SSOClientFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>ssoClientFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <servlet>
        <servlet-name>list</servlet-name>
        <servlet-class>com.cloud.sso.oa.servlet.OAServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>list</servlet-name>
        <url-pattern>/list</url-pattern>
    </servlet-mapping>
</web-app>

下面是PRO系统的代码:

pom.xml

(注意:端口为8083)

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.cloud.sso.pro</groupId>
  <artifactId>sso-pro</artifactId>
  <packaging>war</packaging>
  <version>0.0.1-SNAPSHOT</version>
  <name>sso-pro Maven Webapp</name>
  <url>http://maven.apache.org</url>
  <dependencies>
    <dependency>
          <groupId>javax.servlet</groupId>
          <artifactId>servlet-api</artifactId>
          <version>2.5</version>
          <scope>provided</scope>
      </dependency>
      <dependency>
          <groupId>commons-httpclient</groupId>
          <artifactId>commons-httpclient</artifactId>
          <version>3.1</version>
      </dependency>
  </dependencies>
  <build>
    <finalName>sso-pro</finalName>
    <plugins>
      <plugin>
          <groupId>org.mortbay.jetty</groupId>
          <artifactId>jetty-maven-plugin</artifactId>
          <version>8.1.9.v20130131</version>
          <configuration>
              <stopKey>stop</stopKey>
              <stopPort>6000</stopPort>
              <webAppConfig>
                  <contextPath>/pro</contextPath>
              </webAppConfig>
              <scanIntervalSeconds>4</scanIntervalSeconds>
              <connectors>
                  <connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
                      <port>8083</port>
                      <maxIdleTime>60000</maxIdleTime>
                  </connector>
              </connectors>
          </configuration>
      </plugin>
    </plugins>
  </build>
</project>

PRO系统中的filter

SSOClientFilter.java

package com.cloud.sso.pro.filter;

import java.io.IOException;
import java.net.URLEncoder;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.PostMethod;

public class SSOClientFilter implements Filter {

    @Override
    public void destroy() {
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        HttpSession session = request.getSession();
        String username = (String) session.getAttribute("username");
        String ticket = request.getParameter("ticket");
        String url = URLEncoder.encode(request.getRequestURL().toString(), "UTF-8");

        if (null == username) {
            if (null != ticket && !"".equals(ticket)) {
                PostMethod postMethod = new PostMethod("http://localhost:8081/sso/ticket");
                postMethod.addParameter("ticket", ticket);
                HttpClient httpClient = new HttpClient();
                try {
                    httpClient.executeMethod(postMethod);
                    username = postMethod.getResponseBodyAsString();
                    postMethod.releaseConnection();
                } catch (Exception e) {
                    e.printStackTrace();
                }
                if (null != username && !"".equals(username)) {
                    session.setAttribute("username", username);
                    filterChain.doFilter(request, response);
                } else {
                    response.sendRedirect("http://localhost:8081/sso/index.jsp?service=" + url);
                }
            } else {
                response.sendRedirect("http://localhost:8081/sso/index.jsp?service=" + url);
            }
        } else {
            filterChain.doFilter(request, response);
        }
    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {
    }

}

ProServlet.java

package com.cloud.sso.pro.servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class ProServlet extends HttpServlet {
    private static final long serialVersionUID = -1334093914490423930L;

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        request.getRequestDispatcher("/WEB-INF/jsp/welcome.jsp").forward(request, response);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        super.doPost(request, response);
    }

}

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:jsp="http://java.sun.com/xml/ns/javaee/jsp" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

    <filter>
        <filter-name>ssoClientFilter</filter-name>
        <filter-class>com.cloud.sso.pro.filter.SSOClientFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>ssoClientFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <servlet>
        <servlet-name>list</servlet-name>
        <servlet-class>com.cloud.sso.pro.servlet.ProServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>list</servlet-name>
        <url-pattern>/list</url-pattern>
    </servlet-mapping>
</web-app>

运行结果:

1:分别启动这三个工程。

2:访问OA系统,URL:http://localhost:8082/oa/list

3:这样到登录页面,如图:

4:用户名为:cloud,密码为:cloud,点击登录则会显示,如图:

5:然后去进入PRO系统,URL:http://localhost:8083/pro/list,则就不需要登录了,直接进入,如图:

时间: 2024-10-15 14:36:15

SSO(单点登录)的相关文章

sso单点登录

单点登录SSO的实现原理 单点登录SSO SSO单点登录.跨域重定向.跨域设置Cookie.京东单点登录实例分析

cas sso单点登录系列4_cas-server登录页面自定义修改过程(jsp页面修改)

转:http://blog.csdn.net/ae6623/article/details/8861065 SSO单点登录系列4:cas-server登录页面自定义修改过程,全新DIY. 目标: 下面是正文: 打开cas的默认首页,映入眼帘的是满眼的中文and英文混杂体,作为一名合格的用户,我表示很不开心. 于是,打开 Nodepad++,寻找C:\tomcat7\webapps\casServer\WEB-INF\view\jsp\default\ui \casLoginView.jsp这个页

SSO单点登录原理及实现

1.SSO分类 根据实现的域不同,可以把SSO分为同域SSO.同父域SSO.跨域SSO三种类型. 2.SSO实现原理 a.打开统一的登录界面 b.登录,同时向服务器写入Cookie c.进入其他应用 d.判断是否有对应的Cookie 如果没有则进入统一的登录界面 如果有则进入下一步验证 e.服务器验证Cookie的有效性 如果有效则进入下一步 如果无效则打开统一的登录界面 f.成功进入应用页面 3.同域SSO的实现 a.定义一个公共的登录页面 登录页面是通过访问不同路径的action跳转而来.

CAS实现SSO单点登录原理

1.      CAS 简介 1.1.  What is CAS ? CAS ( Central Authentication Service ) 是 Yale 大学发起的一个企业级的.开源的项目,旨在为 Web 应用系统提供一种可靠的单点登录解决方法(属于 Web SSO ). CAS 开始于 2001 年, 并在 2004 年 12 月正式成为 JA-SIG 的一个项目. 1.2.  主要特性 1.   开源的.多协议的 SSO 解决方案: Protocols : Custom Protoc

学习CAS实现SSO单点登录

网上找了几篇比较详细的教程,在这记录一下: 原理: CAS实现SSO单点登录原理 教程: 1.CAS实现单点登录(SSO)经典完整教程 2.SSO之CAS单点登录实例演示 3.CAS单点登录(SSO)完整教程 有可能出现的问题解决方案: 1.unable to find valid certification path to requested target javax.net.ssl.SSLHandshakeException: sun.security.validator.Validator

NET Core 2.0使用Cookie认证实现SSO单点登录

NET Core 2.0使用Cookie认证实现SSO单点登录 之前写了一个使用ASP.NET MVC实现SSO登录的Demo,https://github.com/bidianqing/SSO.Sample,这个Demo是基于.NET Framework,.NET Core 2.0出来了试着使用ASP.NET Core尝试一下.假如我们有三个站点 domain.dev order.domain.dev passport.domain.dev domain.dev作为我们的主站肯定是可以匿名访问

SSO单点登录三种情况的实现方式详解

单点登录(SSO——Single Sign On)对于我们来说已经不陌生了.对于大型系统来说使用单点登录可以减少用户很多的麻烦.就拿百度来说吧,百度下面有很多的子系统——百度经验.百度知道.百度文库等等,如果我们使用这些系统的时候,每一个系统都需要我们输入用户名和密码登录一次的话,我相信用户体验肯定会直线下降.当然,对于个人博客这类系统来说根本就用不上单点登录了. 假如,我们的系统很庞大,但是就是这一个系统,并没有什么子系统.这时我们也不需要单点登录.我们需要的是搭建集群环境,这里虽说只有一个系

SSO(单点登录)与旅游年卡

SSO(单点登录)与旅游年卡 SSO英文全称Single Sign On,单点登录.SSO是在多个应用系统中,用户只需要登录一次就可以访问所有相互信任的应用系统.它包括可以将这次主要的登录映射到其他应用中用于同一个用户的登录的机制.它是目前比较流行的企业业务整合的解决方案之一.(来自百度百科) 旅游年卡:一次办卡,多个景点游玩.避免了每个景点排队买票浪费时间影响心情. 我喜欢逛,07年广州一行让我爱上了旅行.十年间转战祖国大江南北.东到浙江苏州上海,南到广东珠海澳门,西到宜昌长江三峡,北到首都长

ofbiz SSO 单点登录

 1.ofbiz单点登录介绍 ofbiz点单登录是集成了CAS SSO,LDAP使用的,具体的CAS与LDAP怎么应用,在这里不做介绍. 2.ofbiz点单登录文档 ofbiz 12版本中,有英文的简单的ofbiz单点登录的问题. 路径在:apache-ofbiz-12.04.01\framework\documents\SingleSignOn.xml 3.ofbiz单点登录目录 ofbiz  单点登录集成的目录在:apache-ofbiz-12.04.01\specialpurpose\

CAS实现SSO单点登录原理(转)

1.      CAS 简介 1.1.  What is CAS ? CAS ( Central Authentication Service ) 是 Yale 大学发起的一个企业级的.开源的项目,旨在为 Web 应用系统提供一种可靠的单点登录解决方法(属于 Web SSO ). CAS 开始于 2001 年, 并在 2004 年 12 月正式成为 JA-SIG 的一个项目. 1.2.  主要特性 1.   开源的.多协议的 SSO 解决方案: Protocols : Custom Protoc