Shulou(Shulou.com)11/24 Report--

What is single sign-on? Single sign-on (SSO,Single Sign On) is in the scenario of multiple application systems within the enterprise (such as attendance system, financial system, personnel system, etc.), users only need to log in once to access multiple application systems.

Similarly, users only need to log out once to log out from multiple application systems.

To put it simply, log in once, log in all! Log out at once, all at once!

The principle of the implementation of single sign-on is described as follows:

1. The first time a user accesses system A, he or she needs to log in.

two。 System A redirects to the authentication system with user login information.

3. The authentication system validates the user's login information.

4. After the verification is passed, a token is returned

Token is similar to an internal pass, which contains user identity information, login status and expiration time, and is shared among systems.

5. The authentication system redirects to system A with token and learns that the user is logged in.

6. System A returns the requested resource to the user.

7. When users access system B, they need to log in.

8. System B knows that the user is logged in through the shared token.

9. System B returns the requested resource to the user.

Token is timely, and if the user does not operate for a long time, the token will expire.

When the user visits system An and system B again after the expiration of Token, the login status has expired and it is necessary to log in again.

For logout scenarios, the process is similar to the above.

When the user actively logs out from system A, system A calls the authentication system to clear the token.

At this time, when the user visits system An and system B again, he knows through the shared token that the user is logged out and needs to log in again.

Summary single sign-on through the introduction of authentication system between the user and the system.

In the past, users need to log in / log out of each application system respectively, but now users only need to log in / log out of the authentication system separately.

The login status is shared among various application systems, which reflects the design concept of leaving simplicity to users and complexity to background systems. It greatly saves the user time and improves the user experience.

This article comes from the official account of Wechat: ZTE document (ID:ztedoc), author: ZTE document

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.