Shulou(Shulou.com)06/02 Report--

This article mainly explains "what is single sign-on". The content in the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "what is single sign-on".

Single sign-on (SingleSignOn), referred to as SSO for short, is one of the popular solutions for enterprise business integration. SSO is defined as that in multiple application systems, users only need to log in once to access all the applications that trust each other.

Overview of single sign-on

In a very early company, a company may have only one Server, and slowly the Server began to increase. Each Server has to register and log in, and when you exit, you have to exit one by one. The user experience is very bad! You can imagine, on Douban to log in Douban FM, Douban reading, Douban movie, Douban diary. It's really gonna break people down. We want another login experience: a service under an enterprise only needs to register once, log in once, and log out once. How?

One registration. It's not difficult to register once. Think about it as long as you synchronize user information between Server. Yes, but this description is not complete. I will talk about it in more detail when users register later. In fact, the management of user information is the real difficulty of SSO, but as beginners, our difficulty lies in the implementation of SSO technology! Let's first discuss the means of implementation.

One login and one exit. Looking back at the story of an ordinary mall, what is the key to staying logged in? Recorder (session)? That kind of paper called cookie? ID written on paper? It's the information recorded in session and that ID,cookie is not just a tool to record ID. The client holds the ID and the server holds the session, both of which are used to maintain the login status. The client needs to use ID as the credential, and the server needs to use session to verify the validity of the ID (ID may expire, the corresponding information may not be found at all, and the corresponding client under ID has not yet carried out login verification, etc.). But session is unique to each server at the beginning. Douban FM has its own session, Douban Reading has its own session, and the cookie that records ID cannot cross domains. Therefore, if we want to log in and log out at a time, we only need to find a way to make each server share the information of a session, so that the client can hold the ID under each domain name. Furthermore, as long as each server gets the same ID, there is a way to verify the validity of the ID and get the corresponding user information of the ID, that is, to verify the ID [1].

Implementation method of single sign-on

Server end

In the way of how server groups generate and verify ID:

"sharing Cookie" is the way to share session mentioned above. I think it's better to call it "sharing session". In essence, cookie is just a medium for storing session-id, and session-id can also be placed in the url of each request. It is said that this way is not safe, I did not study in detail, which god can recommend the relevant information, I will make it up later. In fact, it is, after all, the mechanism of session is a server and a session from the very beginning, so it is a bit strange to take out session and let all server share it.

Thank you for your reading, the above is the content of "what is single sign-on", after the study of this article, I believe you have a deeper understanding of what single sign-on is, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.