An in-depth look at how SSO works, with project practice using an excellent open source single sign-on project (source code included)


1. Introduction
Single Sign-On is abbreviated as SSO.

It means that, across multiple application systems, a user only needs to log in once to access all mutually trusted application systems.

❝The so-called "log in once, logged in everywhere". Similarly, log out once, logged out everywhere.❞

2. Background
In the early days of an enterprise, relatively few systems were in use internally, generally one or two, and each system had its own login function. It was still convenient for operators to log in to each one with their own accounts.

But as the company grows, it runs more and more systems, such as an OA system, a CRM system, a financial management system, an equipment management system, and so on. At this point, having to log in to every system separately becomes unbearable for users.

A reasonable approach is that users only need to log in once to access all mutually trusted application systems.

3. Review how to log in to the order system?
We all know that HTTP is a stateless protocol: after you log in successfully and then request other interfaces, the server does not know that you have logged in before. So what should we do?

This is where the combination of Cookie + Session comes in to solve the HTTP statelessness problem.

If a Cookie confirms the user's identity by checking the "passport" the user carries, then a Session confirms the user's identity by checking the "customer list" kept on the server.
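
The Cookie + Session combination described above, as an added example that is not code from the original article or from the open source project it uses. The cookie name, lifetime, demo account and function names are assumptions made for illustration.

```python
import secrets
import time
from http.cookies import SimpleCookie

COOKIE_NAME = "SESSIONID"           # assumed cookie name
SESSION_TTL = 1800                  # assumed lifetime in seconds
USERS = {"alice": "correct-horse"}  # constructed demo account; store hashes in practice
SESSIONS = {}                       # the server-side "customer list": id -> record

def _session_id(cookie_header):
    """Extract the session id from a request's Cookie header, or None."""
    jar = SimpleCookie()
    jar.load(cookie_header or "")
    morsel = jar.get(COOKIE_NAME)
    return morsel.value if morsel else None

def login(username, password, now=None):
    """Check credentials; return the Set-Cookie value on success, else None."""
    now = time.time() if now is None else now
    expected = USERS.get(username)
    if expected is None or not secrets.compare_digest(
            expected.encode(), password.encode()):
        return None
    sid = secrets.token_urlsafe(32)  # fresh random id per login, never client-chosen
    SESSIONS[sid] = {"user": username, "expires": now + SESSION_TTL}
    cookie = SimpleCookie()
    cookie[COOKIE_NAME] = sid        # the "passport" holds only the id, no user data
    cookie[COOKIE_NAME]["path"] = "/"
    cookie[COOKIE_NAME]["httponly"] = True   # not readable from page scripts
    cookie[COOKIE_NAME]["secure"] = True     # sent over HTTPS only
    cookie[COOKIE_NAME]["samesite"] = "Lax"  # withheld on cross-site subrequests
    return cookie[COOKIE_NAME].OutputString()

def current_user(cookie_header, now=None):
    """Resolve a request's Cookie header to a user name, or None."""
    now = time.time() if now is None else now
    sid = _session_id(cookie_header)
    session = SESSIONS.get(sid)
    if session is None:
        return None                  # missing, forged or already logged out
    if session["expires"] <= now:
        del SESSIONS[sid]            # expired entries leave the list
        return None
    return session["user"]

def logout(cookie_header):
    """Invalidate the session on the server, not just in the browser."""
    SESSIONS.pop(_session_id(cookie_header), None)
```

Because this cookie is scoped to a single host, each system built this way keeps its own "customer list", which is why every system needs its own login.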

Then the complete login process here should be like this:

After the first login verification is successful, after

Origin blog.csdn.net/u014374009/article/details/132383933