ticket共享式单点登录

 

ticket

流程图

在这里插入图片描述

验证服务器
ail.com // | Date  : 2018/1/9 // | Time  : 18:35 // +---------------------------------------------------------------------- require '../Db.php'; session_start(); class Passport {      /**      *  单点登录      */     public function login()     {         if(isset($_POST['submit'])) {             $account = isset($_POST['account'])?trim($_POST['account']):null;             $password = isset($_POST['password'])?trim($_POST['password']):null;             $server = isset($_POST['server'])?trim($_POST['server']):null;              if(!$account || !$password){                 $_SESSION['ERROR'] = '账号或密码为空';                 require 'sso.html';                 die;             }              if(!$server){                 $_SESSION['error'] = '非法操作';                 require 'sso.html';                 die;             }              $db = Db::getinstance();             $user = $db->table('user')->where(['account'=>$account, 'password'=>md5($password)])->find();             if(empty($user)){                 $_SESSION['error'] = '账号或密码有误';                 require 'sso.html';                 die;             }              unset($_SESSION['error']);             $login_a_url = "http://a.com/index.php?action=login&ticket=".$user['ticket'];             $login_b_url = "http://b.com/index.php?action=login&ticket=".$user['ticket'];             $res1 = file_get_content($login_a_url );             $res2 = file_get_content($login_b_url );             if($res1 == $res2 == 'success'){             	header("location:".$server."?action=login&ticket=".$user['ticket']);             }else{             	$_SESSION['error'] = '登录失败'; 				require 'sso.html'; 			}          }else{             $server = isset($_GET['server'])?trim($_GET['server']):die('来源不明');             require 'sso.html';         }     }      /**      *  退出登录      */     public function logout()     {         $url1 = 'http://a.com/index.php?action=logout&server='.$_GET['server'];         header('Location:'.$url1);     }      /**      *  验证ticket有效性      */     public function verify()     {         $ticket = trim($_GET['ticket']);          //验证ticket有效性         if($ticket){             $db = Db::getInstance();             $user = $db->table('user')->where(['ticket'=>$ticket])->find();             if($user){                 echo 'success';             }else{                 echo "fail";             }             die;         }         echo 'fail';         die;     }      /**      * 通过ticket获取用户信息      */     public function user()     {         $ticket = trim($_GET['ticket']);         $db = Db::getInstance();         $user = $db->table('user')->where(['ticket'=>$ticket])->find();          echo json_encode($user);     }  }  $action = isset($_GET['action'])?trim($_GET['action']):'login';  (new Passport())->$action();  

html表单

            <title>单点登录       
hidden" name="server" value="" /> error:
站点 A
file_get_contents($verify_url)=='success'){                 // 获取用户信息                 $get_user_info_url = 'http://passport.com/index.php?action=user&ticket='.$ticket;                 $user = file_get_contents($get_user_info_url);                 $_SESSION['user'] = json_decode($user,true);                 echo 'success';             }else{                 $msg = "您还未登录";                 $url = "http://passport.com/index.php?action=login&server=http://a.com/index.php";                 $this->_jump($msg,$url);             }          }else{             $msg = "您还未登录";             $url = "http://passport.com/index.php?action=login&server=http://a.com/index.php";             $this->_jump($msg,$url);         }      }      /**      * 若用户未登陆,则跳转到单点登陆      */     public function index()     {         $ticket = @$_GET['ticket'];         if($ticket && !isset($_SESSION['user'])){             $verify_url = 'http://passport.com/index.php?action=verify&ticket='.$ticket;             if(file_get_contents($verify_url)=='success') {                 // 获取用户信息                 $get_user_info_url = 'http://passport.com/index.php?action=user&ticket=' . $ticket;                 $user = file_get_contents($get_user_info_url);                 $_SESSION['user'] = json_decode($user, true);             }else{                 $msg = "您还未登录";                 $url = "http://passport.com/index.php?action=login&server=http://a.com/index.php";                 $this->_jump($msg,$url);             }         }          if($_SESSION['user']) {             $ticket = $_SESSION['user']['ticket'];             echo "";             echo "A已登陆成功退出
"; echo "跳转到B"; }else{ $msg = "您还未登录"; $url = "http://passport.com/index.php?action=login&server=http://a.com/index.php"; $this->_jump($msg,$url); } } public function logout() { session_destroy(); $server = $_GET['server']; $url1 = 'http://b.com/index.php?action=logout&server='.$server; header('Location:'.$url1); } /** * 跳转方法 * @param $msg * @param $url */ private function _jump($msg, $url) { ob_clean(); echo "{$msg}3秒后跳转。"; echo ""; die; } } $action = isset($_GET['action'])?trim($_GET['action']):'index'; (new A())->$action();
站点B
_jump($msg,$url);             }          }else{             $msg = "您还未登录";             $url = "http://passport.com/index.php?action=login&server=http://b.com/index.php";             $this->_jump($msg,$url);         }      }      /**      * 若用户未登陆,则跳转到单点登陆      */     public function index()     {         $ticket = @$_GET['ticket'];         if($ticket && !isset($_SESSION['user'])){             $verify_url = 'http://passport.com/index.php?action=verify&ticket=' . $ticket;             if(file_get_contents($verify_url)=='success') {                 // 获取用户信息                 $get_user_info_url = 'http://passport.com/index.php?action=user&ticket=' . $ticket;                 $user = file_get_contents($get_user_info_url);                 $_SESSION['user'] = json_decode($user, true);             }else{                 $msg = "您还未登录";                 $url = "http://passport.com/index.php?action=login&server=http://b.com/index.php";                 $this->_jump($msg,$url);             }         }          if($_SESSION['user']) {             $ticket = $_SESSION['user']['ticket'];             echo "";             echo "B已登陆成功退出
"; echo "跳转到A"; }else{ $msg = "您还未登录"; $url = "http://passport.com/index.php?action=login&server=http://b.com/index.php"; $this->_jump($msg,$url); } } public function logout() { session_destroy(); $server = $_GET['server']; $url2 = 'http://passport.com/index.php?action=login&server='.$server; header('Location:'.$url2); } /** * 跳转方法 * @param $msg * @param $url */ private function _jump($msg, $url) { ob_clean(); echo "{$msg}3秒后跳转。"; echo ""; die; } } $action = isset($_GET['action'])?trim($_GET['action']):'index'; (new B())->$action();

相关阅读

单点登录概述

单点登录是什么 说cas前,先谈谈单点登录,什么是单点登录,是指当存在多个系统时,用户只需要登录一个系统,就能访问所有受信用的系统。

SSO单点登录原理剖析

转载于:http://www.cnblogs.com/gxbk629/p/4473569.html CAS实现SSO单点登录原理 1.      CAS 简介 1.1.  What is CA

深入浅出单点登录(SSO)

1. 摘要 ( 注意:请仔细看下摘要,留心此文是否是您的菜,若浪费宝贵时间,深感歉意!!!) SSO这一概念由来已久,也是相当普遍的一种身份验证设

统一用户认证和单点登录解决方案

本文以某新闻单位多媒体数据库系统为例,提出建立企业用户认证中心,实现基于安全策略的统一用户管理、认证和单点登录,解决用户在同时

单点登录原理

一、单系统登陆机制 1. http 无状态协议 web 应用采用 browser / server 架构,http 作为通信协议。http 是无状态协议,浏览器的每一

发表评论