What is single sign-on?

  1. Single-server login scheme: In single-server mode, after a user logs in, the server stores the user's login information in the Session object. To determine whether a user is logged in, read the information from the Session and check it.
  2. Login in a distributed system

As shown in the figure, after the user logs in on Service 1, Service 2 and Service 3, which run on different servers, can also obtain the user's login information. This is called single sign-on (SSO).

Second, single sign-on solutions

1. Session broadcasting mechanism

That is, after a user logs in, the Session information generated on one server is copied to all servers. This wastes resources (a user may use only one function before leaving, but all servers still have to store the user's Session).

2. Cookie + Redis implementation

Steps:

  1. After the user logs in, the information is stored in Redis, where:

     Key: the user ID or other data that uniquely identifies the user. Value: the user information.

  2. The key generated in Redis is stored in a cookie in the browser. Every time the browser sends a request, the cookie is attached. We can read the key from the cookie and use it to look up the user data in Redis (to judge whether the user is logged in).

3. Use a token

After a user logs in, a special string (called a token) containing user information is generated for the user and returned to the user (either through a cookie or the address bar).

From then on, when the user accesses other systems, the request only needs to carry the token, and the server parses the token to obtain the user information. Conversely, no token means the user is not logged in.
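
The token flow described above, as an added example that is not part of the original page. It assumes an HMAC-SHA256 signature over the user information plus an expiry time, so that a service only accepts tokens the login service issued; the token layout, the shared `SECRET` and the function names are hypothetical (real deployments often use JWT for this).

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo key (assumption): every service that checks tokens shares it.
SECRET = b"constructed-demo-secret"

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(payload: str) -> str:
    return b64e(hmac.new(SECRET, payload.encode(), hashlib.sha256).digest())

def issue_token(user_id: str, ttl: int = 1800, now: Optional[float] = None) -> str:
    """Login service: put the user info and an expiry in the token, then sign it."""
    now = time.time() if now is None else now
    claims = {"uid": user_id, "exp": int(now) + ttl}
    payload = b64e(json.dumps(claims).encode())
    return payload + "." + sign(payload)

def parse_token(token: Optional[str], now: Optional[float] = None) -> Optional[dict]:
    """Any service: return the user info, or None, which means 'not logged in'."""
    if not token or token.count(".") != 1:
        return None                      # no token (or malformed) means no login
    payload, sig = token.split(".")
    # Constant-time comparison; a modified payload no longer matches its signature.
    if not hmac.compare_digest(sig.encode(), sign(payload).encode()):
        return None
    try:
        claims = json.loads(b64d(payload))
    except ValueError:
        return None
    now = time.time() if now is None else now
    if not isinstance(claims, dict) or claims.get("exp", 0) <= now:
        return None                      # expired tokens are rejected
    return claims
```
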