SSO single sign-on client integration with separated front and back ends


When the front and back ends are separated, connecting to single sign-on involves request forwarding, and the browser needs to save the cookie information. The problem encountered is that if the browser does not have the cookie information, it jumps to the login page to log in again. To avoid jumping to the login page after single sign-on, I drew this flow chart, which clearly shows the request process of single sign-on in a project with separated front and back ends.

Points to note:

  • http://cas.socmap.org is the address of the single sign-on service.
  • A URL without the /api path is treated as direct access to the front-end address.
  • The front-end project can access the back-end interface directly because the back-end interface paths are prefixed with /api/ in the front-end project. If the path at the beginning of the URL is /api/, nginx forwards the request to the back-end project.
  • If the single sign-on system needs to reach the back-end interface directly, add /api to the service callback address.
  • After the user logs in to the single sign-on system for the first time, the CAS service issues a 302 redirect to the callback address, with the ticket information attached.
  • After the back-end project receives the callback request, it takes the ticket from the callback and asks the CAS server to verify its validity. If the ticket is valid, the back end generates the session and cookie information used in its own system, then redirects to a page in the front-end project so that the user's cookie information is saved in the browser. The project's cookie then exists in the browser, and normal page requests can be made.
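
The back-end callback step described in the last point, as an added Python sketch that is not the author's code. It assumes the CAS 2.0 `/serviceValidate` endpoint, a hypothetical callback URL `http://app.example.test/api/cas/callback`, a hypothetical front-end page `/sso-landing`, and an application served over HTTPS (for the `Secure` cookie flag); the CAS responses are constructed samples so it runs offline.

```python
import secrets
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

CAS_BASE = "http://cas.socmap.org"                         # SSO address from the page
SERVICE_URL = "http://app.example.test/api/cas/callback"   # assumed callback, note the /api prefix
FRONTEND_LANDING = "/sso-landing"                          # assumed fixed front-end redirect page
NS = {"cas": "http://www.yale.edu/tp/cas"}                 # CAS 2.0 XML namespace
SESSIONS = {}                                              # in-memory session store for the demo

def validation_url(ticket):
    # The service value must be identical to the one sent at login, or CAS rejects the ticket.
    return CAS_BASE + "/serviceValidate?" + urlencode({"service": SERVICE_URL, "ticket": ticket})

def parse_cas_response(xml_text):
    """Return the user name on authenticationSuccess, otherwise None."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return None
    user = root.find("cas:authenticationSuccess/cas:user", NS)
    return user.text.strip() if user is not None and user.text else None

def handle_callback(ticket, fetch):
    """fetch(url) -> response body; injected so the demo needs no network."""
    if not ticket or not ticket.startswith("ST-"):   # CAS service tickets begin with ST-
        return 401, {}
    user = parse_cas_response(fetch(validation_url(ticket)))
    if user is None:                                 # failure or malformed reply: no session
        return 401, {}
    sid = secrets.token_urlsafe(32)                  # unguessable session id
    SESSIONS[sid] = user
    cookie = f"SESSION={sid}; Path=/; HttpOnly; Secure; SameSite=Lax"
    # Redirect to a fixed same-site path, never to a URL taken from the request.
    return 302, {"Location": FRONTEND_LANDING, "Set-Cookie": cookie}

# Constructed CAS 2.0 responses (not captured from a real server).
OK = ('<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">'
      '<cas:authenticationSuccess><cas:user>alice</cas:user>'
      '</cas:authenticationSuccess></cas:serviceResponse>')
FAIL = ('<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">'
        '<cas:authenticationFailure code="INVALID_TICKET">bad</cas:authenticationFailure>'
        '</cas:serviceResponse>')

if __name__ == "__main__":
    print(handle_callback("ST-1-constructed", lambda url: OK))
    print(handle_callback("ST-2-constructed", lambda url: FAIL))
```

Because the 302 response carries `Set-Cookie` and passes back through nginx on the front-end origin, the browser stores the cookie for that origin before the landing page loads.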

The user logs into the system for the first time

  • The login verification flow, with the nginx proxy and the front-end/back-end separation added, is shown in the following figure (pay attention to the redirect URL):

    Figure: Single sign-on user login process with front-end/back-end separation

  • Similarly, the user logout process is divided into two cases, as shown in the following figure:

    Figure: Single sign-on user logout cases


  • From: xaohuihui

Origin blog.51cto.com/14612701/2539303