最佳实践构建SSO系统 [英] Best Practices for Building a SSO System
问题描述
我希望建立一个单点登录系统所使用基于表单的身份验证的几个Web应用程序。
I am looking to build a Single-signon system for a couple web apps that used form based authentication.
他们的方式,我设想这是我的SSO系统将处理对Active Directory认证通过通过验证到所需的Web应用程序时,曾经使用过,通过我的SSO门户网站点击的链接。
They way that I envision it is that my sso system would handle authentication against active directory pass the verification through to the desired web app when ever the used clicked a link through my sso portal.
什么是可以建立这样的事情的最好方法是什么?
What might be the best way to build something like this?
推荐答案
当用户访问应用程序的URL没有一个会话cookie,他将被重定向到SSO系统。然后,他登录到SSO形式,然后重定向他回带票ID的应用程序,你可以看一下在SSO系统以获得cridentials。
When a user accesses an application URL without a session cookie, he is redirected to the SSO system. He then logs into the SSO form, which then redirects him back to your app with a ticket ID that you can look up in the SSO system to get cridentials.
Also, take a look at Crowd and CAS.
这篇关于最佳实践构建SSO系统的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!