如何使用单点登录集成两个应用程序 [英] How to integrate two applications using single sign on

问题描述

我有一个.net/Java应用程序(application1)，其中我必须将该服务集成到另一个使用Java设计的应用程序(application2)中，重要的是登录了application1的用户应该保持在appliation2.

I am having a .net/Java application (application1) in which I have to integrate a service which I have it on another application (application2) which has been designed using Java and important thing is that the user who logged in application1 should be maintained in appliation2.

我知道可以使用CAS身份验证作为解决方案，但是我不确定如果对此有任何想法，该如何实现.

I know CAS authentication can be used as a solution but I am not sure how this can be achieved if any idea on this kindly share.

推荐答案

CAS是基于令牌的单点登录的最佳选择，它也是安全的.CAS将以.war文件格式提供，您只需要将其部署到任何服务器(例如tomcat)，现在CAS就可以用作集中式身份验证系统.从您的.Net/Java应用程序中，您必须导入CAS客户端库，并进行xml配置以用于登录，注销和重定向.像这样，您还必须为其他应用程序(app2)重复同样的操作.

CAS is the best choice for token based single sign on purpose and it is secured one also. CAS will available as a .war file format, you just need to deploy it any server like tomcat, now CAS will work as a centralized authentication system. From your applications .Net/ Java you have to import CAS client libraries, and do the xml configurations for login , logout and redirection purpose. Like this the same one you have to repeat for other application (app2) also.

根据您的要求，第一个应用程序将成为父应用程序，因此您需要在父应用程序数据库中实现与cas相关的令牌表.在这种情况下，第二个应用程序级别无需检查密码，cas将使用第一个应用程序生成的令牌进行身份验证.

Based on your requirement may be the first application will be the parent one so cas related token tables you need to implement in your Parent application DB. in this case second application level no need to check for the password, cas will authenticate with the token generetd by the first application.

如果您希望CAS应该是您的父应用程序，那么在CAS用户数据库中，您应该具有用户的所有登录详细信息，例如用户名和密码等.一旦cas登录完成，您必须提供任何按钮或链接来打开其他应用程序，通过使用cas客户端库，如果用户名在其数据库中，其他应用程序也将获得身份验证.

If you want CAS should be your parent application In the CAS user data base you should have all login details of users like username and password ect. once cas login is done, you have to provide any buttons or links to open other applications, by using the cas client libraries other applications also will get authenticate if the user name is there in their Data base.

例如，请参考: https://docs.spring.io/spring-security/site/docs/3.0.x/reference/cas.html

这篇关于如何使用单点登录集成两个应用程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！