search

uniquejava / blog

My notes regarding the vibrating frontend :boom and the plain old java :rofl.
Creative Commons Zero v1.0 Universal
11 stars 5 forks source link

sso #247

Open uniquejava opened 6 years ago

uniquejava commented 6 years ago

How does single sign on work.

原理(正文+评论部分, 完美!) What is and how does Single Sign On Authentication work?

实战(node.js版本-不依赖任何框架从0开始) Building A Simple Single Sign On(SSO) Server And Solution From Scratch In Node.js.

传统的方式 01non-sso-scenario

cookie同源策略带来的问题 02same-origin-policy-forbids-this

sso架构图 03using-central-auth-domain

sso流程图 04typical-sso-v2

uniquejava commented 6 years ago

spring boot 1.5.x tutorial (oauth2 + sso)

https://www.thecuriousdev.org/spring-security-oauth2/

other1: http://www.cnblogs.com/cjsblog/p/9296361.htm other2: https://www.baeldung.com/sso-spring-security-oauth2

让axios带上cookie

https://stackoverflow.com/questions/43002444/make-axios-send-cookies-in-its-requests-automatically

axios.get('some api url', {withCredentials: true});

同时需要设置一个特殊的cors header.

app.use(function(req, res, next) {
  res.header('Access-Control-Allow-Origin', yourExactHostname);
  res.header('Access-Control-Allow-Credentials', true);
  res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept');
  next();
});