Schematic diagram of single sign-on authentication

Before the introduction, one premise: what is a session object?

Answer: A session object is usually a block of memory and the values held in it: a storage area (usually in memory) that the server uses to keep the state of the interaction between a user and the server. "Session" means a conversation, and the concept generally exists in C/S and B/S architectures.
For example, HttpSession and Hibernate both have a session concept, referring to the session between client and server (a session layered above the connection is usually used to hold temporary interaction state).
After a call to one of our HTTP interfaces passes identity authentication, a user session is created. Sessions exist in many forms. Traditionally Tomcat creates one for you; now that stateless server sides are popular, the session is usually moved to Redis and kept in Redis memory.

————————————————————————————————————

Note: cas.server.com in the figure above is the domain name of the identity authentication center (CAS) server.

www.xx.com is the client web application that uses the CAS server; it is also the business service URL the browser originally wanted to access.

Make the request again and go into battle once more!

Again and again

The last step, re-initiating the original resource request, is also the ultimate goal.

From this point on, the browser sends its resource requests to the www.xx.com target service and no longer interacts with CAS directly (requests are no longer redirected to CAS). The browser interacts only with the www.xx.com target service, which responds with the requested resource, as shown in the last step of the process.

 

The above content is my inference from the following original online materials; the original online information, text and figures are attached below.

My understanding:

TGT is the session object,

TGC is the session ID stored in cookies,

and ST is the access token distributed by CAS.

The CAS client is the www.xx.com interface service I cited.

The CAS server is the domain name www.cas.server.com (the central identity authentication and authorization server).

CAS: central authentication/authorization server
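The flow described above, with the TGT, TGC and ST in their roles, as an added sketch that is not part of the original post or of any CAS implementation. The class names `CasServer` and `WebApp`, the in-memory dictionaries and the sample URL are assumptions made for illustration; binding the ST to one service and accepting it only once follows the CAS protocol.

```python
import secrets

class CasServer:
    """Toy stand-in for cas.server.com (constructed for illustration)."""
    def __init__(self, users):
        self.users = users   # username -> password (plain text only for this demo)
        self.tgts = {}       # TGC cookie value -> username: server-side SSO session (TGT)
        self.sts = {}        # ST -> (username, service): tickets not yet validated

    def login(self, user, password):
        if not secrets.compare_digest(self.users.get(user, ""), password):
            return None
        tgc = "TGC-" + secrets.token_urlsafe(16)
        self.tgts[tgc] = user
        return tgc           # set as a cookie scoped to the CAS domain only

    def issue_st(self, tgc, service):
        user = self.tgts.get(tgc)
        if user is None:
            return None      # no SSO session yet: the browser has to log in
        st = "ST-" + secrets.token_urlsafe(16)
        self.sts[st] = (user, service)
        return st            # appended to the redirect back to the service

    def validate(self, st, service):
        user, bound = self.sts.pop(st, (None, None))   # pop: an ST is accepted once
        return user if bound == service else None      # and only for its own service


class WebApp:
    """Toy stand-in for www.xx.com, the CAS client."""
    def __init__(self, url, cas):
        self.url, self.cas, self.sessions = url, cas, {}

    def handle(self, session_id=None, ticket=None):
        if session_id in self.sessions:       # later requests: CAS is not involved
            return "200 resource for " + self.sessions[session_id], session_id
        if ticket:
            user = self.cas.validate(ticket, self.url)  # server-to-server call to CAS
            if user:
                sid = secrets.token_urlsafe(16)
                self.sessions[sid] = user     # local session (HttpSession or Redis role)
                return "200 resource for " + user, sid
        return "302 redirect to CAS login?service=" + self.url, None
```

Once `handle` has created the local session, every further request is served from `self.sessions` without contacting CAS, which is the end state the last step describes.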

 

Let’s compare and understand it,

My level is limited; please forgive any errors and omissions. Feedback is welcome!


Origin blog.csdn.net/zy103118/article/details/109066448