单点登录(Single Sign On),简称为 SSO,是比较流行的企业业务整合的解决方案之一。SSO 的定义是在多个应用系统中,用户只需要登录一次就可以访问所有相互信任的应用系统。
系统架构说明
- http://a.oss.centos.local
- http://b.oss.centos.local
- http://login.oss.centos.local (专门登录用的)
login 中的代码如下
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
| <?php session_start(); $url = $_GET['url']; if (isset($_SESSION['username'])) { header('Location: ' . $url . '?session_id=' . session_id()); } if ($_SERVER['REQUEST_METHOD'] == 'POST') { $username = $_POST['username']; $password = $_POST['password']; if (($username == 'test' || $username == 'peter') && $password == '123456') { $_SESSION['username'] = $username; if ($url) { header('Location: ' . $url . '?session_id=' . session_id()); } else { echo '欢迎您,访问' . $username . '的空间。'; } } else { echo '<h3>账号或密码错误,请输入账号:test,密码:123456</h3>'; } }
?>
<!doctype html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <title>login</title> </head> <body>
<form action="" method="post"> <h3>来路地址:<?php echo $url; ?></h3> <div> <label for="username"><input type="text" name="username"></label> </div> <div> <label for="password"><input type="password" name="password"></label> </div> <div> <input type="submit" value="login"> </div> </form>
</body> </html>
|
a 和 b 中的代码如下
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
| <?php $loginUrl = 'http://login.oss.centos.local/login.php?url=http://' . $_SERVER['HTTP_HOST']; if (!isset($_GET['session_id'])) { header('Location: ' . $loginUrl); }
session_id($_GET['session_id']); session_start();
$username = $_SESSION['username'];
if ($username) { echo "欢迎您,来到${username}的小屋."; } else { header('Location: ' . $loginUrl); }
|
写在最后,这只是一个简单的 oss 单点登录操作说明,实际中操作更为复杂。
评论加载中