trydofor / professional-wings

WingsBoot=BKB+BoT+SpringBoot: ①quickly achieve business goals; ②timely repay technical debt; ③safely refactor programs and business. We advocate defensive programming, May The `false` Be With You !

https://wings.fessional.pro

Apache License 2.0

87 stars 10 forks source link

Wings user union login #21

Open trydofor opened 2 years ago

trydofor commented 2 years ago

Wings system can be associated with the login, similar to the SSO.

Ensure the independence of Wings account privilege system
Convenient SSO login
token recovery and kicking out of dangerous accounts.

Within a unified Hazelcast cluster, session sharing is possible. Non-cluster, to consider on-demand network invocation.

OAuth2/Oidc is more complex, and the token cannot be invalidated
SAML/CAS http-based BS architecture

trydofor commented 1 year ago

Consider using header: Auth-Ticket to build internal tokens based on Tickets

trydofor commented 1 year ago

The lightest non-intrusive solution is HttpSessionIdResolver

No changes to each app's own auth system, independent of each other
Union sessionId, get the current app's sid based on the sid mapping relationship
Authentication pull, logout push
global unique id

HttpSessionEventPublisher

trydofor commented 1 year ago

82

trydofor commented 1 year ago

https://github.com/spring-projects/spring-session/issues/11

fixed at 3.2.0 of Session and SpringBoot

trydofor commented 11 months ago

Oauth2 server release 1.2.0

https://docs.spring.io/spring-authorization-server/reference/index.html