Single sign-on (SSO) principle

  1. What is single sign-on
    Single sign-on, namely SSO (Single Sign On), means that across multiple application systems, users only need to log in once to access all mutually trusted application systems.

  2. Single sign-on implementation principle

  • When accessing a system (system 1), first obtain the user information from the session. If it is null, redirect to the login server (with system 1's access path in the URL) to log in. After the login succeeds, a token is generated, the pair token: user information is placed in the Redis cache, the pair token_id: token is stored in the login server's cookie, and the browser is redirected back to system 1 (with the token).
  • System 1 obtains the user information stored in the Redis cache according to the token and puts the user information into the session.
  • When accessing another trusted system, first obtain the user information from the session. If it is null, redirect to the login server (with the URL of the system being accessed). If token_id is present in the login server's cookie, another trusted system has already logged in. The browser is then redirected to the accessed system's page with the token value from the cookie, the user information is obtained from the Redis cache according to the token value, and the user information is placed in the session. In this way the user only needs to log in once to access all mutually trusted application systems.
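The three steps above as a runnable sketch. This is an added example, not code from the original post: a dict stands in for the Redis cache, and the class names, host names and user are constructed. Checking the return URL against a list of trusted systems before redirecting with the token is an assumption beyond what the post states.

```python
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed stand-ins: a dict replaces the Redis cache; hosts and the user are hypothetical.
REDIS = {}                                   # token -> user information
TRUSTED_HOSTS = {"app1.example", "app2.example"}
USERS = {"alice": "correct-password"}

class LoginServer:
    def __init__(self):
        self.cookies = {}                    # one browser's cookies for the login server

    def authorize(self, return_url, credentials=None):
        """Return the redirect URL carrying the token, or None if login is still required."""
        # Assumption beyond the post: only redirect (with a token) to known systems.
        if urlsplit(return_url).hostname not in TRUSTED_HOSTS:
            raise ValueError("return URL is not a trusted system")
        token = self.cookies.get("token_id")
        if token not in REDIS:               # no earlier login, or cache entry is gone
            if credentials not in USERS.items():
                return None
            token = secrets.token_urlsafe(32)            # unguessable token
            REDIS[token] = {"user": credentials[0]}      # token: user information
            self.cookies["token_id"] = token             # token_id: token
        return f"{return_url}?{urlencode({'token': token})}"

class App:
    def __init__(self, url):
        self.url, self.session = url, {}

    def access(self, login_server, credentials=None):
        """Return user information, visiting the login server when the session is empty."""
        if self.session.get("user_info") is None:
            redirect = login_server.authorize(self.url, credentials)
            if redirect is None:
                return None
            token = parse_qs(urlsplit(redirect).query)["token"][0]
            self.session["user_info"] = REDIS.get(token)
        return self.session["user_info"]
```

The second system is served from the login server's cookie alone, so deleting the token from the cache is what ends the shared login in this sketch.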
  3. Implementation reference
    code reference 233-235

Origin blog.csdn.net/qq_26496077/article/details/115109295