XXL-SSO is a distributed single sign-on framework. Users only need to log in once to access all trusted applications. So far, XXL-JOB has been connected to the online product lines of many companies, such as e-commerce business, O2O business and big data operations, including: Dianping, Uxin used car, Migu Interactive, Wave software, 360 finance, Mobei technology, Lenovo, Jingdong, Evergrande, NetEase Yixin, Tick Travel, Huya and other 500+ enterprises, XXL-JOB is currently fully open source code, out of the box.

db157fce1b234d60ad6d18541d3833c6noop.image_

The main features of the framework:

API simple and intuitive, easy to use
Less dependence on the environment, low deployment and access costs
Support distributed deployment
Both the Server and Client support cluster deployment
Cross-domain applications can be connected to SSO authentication centers
Supports cookie-based and token-based access modes
Supports Web and APP access
The login and logout status of the system is shared by all servers and clients in real time

Architecture diagram:

89d4be46bbb7401e9266ea3f2e8879e0noop.image_

Quick start (Cookie example) :

1, source code compilation

- xxl-sso-server：Central authentication service, support cluster - xxl-sso-core：ClientEnd dependent -xxl-sso-samples：Single sign-on Client access Example project- xxl-sso-web-sample-springboot：Cookie access mode for users to access the browser，springbootversions- xxl-sso-token-sample-springboot：The springboot version is used in scenarios where cookies cannot be used, for example, apps and cookies are disabled

2、Deploy the Authentication Center (SSO Server)”

Project name: xxl-sso-server

Configuration description

Configuration file location: application.properties

// redis Address: such as"{ip}"、"{ip}:{port}"、"{redis/rediss}://xxl-sso:{password}@{ip}:{port:6379}/{db}"；Multiple addresses separated by commasxxl.sso.redis.address=redis://127.0.0.1:6379// The validity window of the login state is 24 hours by default. When the validity window of the login state is half over, it is automatically extended by one periodxxl.sso.redis.expire.minute=1440

3、Deploy the Single Sign-on Client Access Example project”

Project name: xxl-sso-web-sample-springboot

maven dependency

<dependency>    <groupId>com.xuxueli</groupId>    <artifactId>xxl-sso-core</artifactId>    <version>${Latest stable release}</version></dependency>

Configure XxlSsoFilter

Reference code: com. XXL. Sso. Sample. Config. XxlSsoConfig

@Beanpublic FilterRegistrationBean xxlSsoFilterRegistration() {    // xxl-sso, redis init    JedisUtil.init(xxlSsoRedisAddress);    // xxl-sso, filter init    FilterRegistrationBean registration = new FilterRegistrationBean();    registration.setName("XxlSsoWebFilter");    registration.setOrder(1);    registration.addUrlPatterns("/*");    registration.setFilter(new XxlSsoWebFilter());    registration.addInitParameter(Conf.SSO_SERVER, xxlSsoServer);    registration.addInitParameter(Conf.SSO_LOGOUT_PATH, xxlSsoLogoutPath);    return registration;}

Configuration description

Configuration file location: application.properties

### xxl-sso     (CLientEnd SSO configuration)##### SSO ServerAddress of the authentication center (You are advised to configure the authentication center by using the domain name. On the local PC, you can modify the host file by referring to Section 2.5）xxl.sso.server=http://xxlssoserver.com:8080/xxl-sso-server##### Log out path, the value is the relative path of the Client applicationxxl.sso.logout.path=/logout##### Path exclusion Path, multiple Settings are allowed, and Ant expressions are supported. Used to exclude paths that do not need to be filtered by the SSO clientxxl-sso.excluded.paths=### redis   // redis address, like "{ip}"、"{ip}:{port}"、"{redis/rediss}://xxl-sso:{password}@{ip}:{port:6379}/{db}"；Multiple "," separatedxxl.sso.redis.address=redis://xxl-sso:password@127.0.0.1:6379/0

4、verification

Modify the Host file: Access the authentication center using a domain name to simulate cross-domain and online environments

### Add the following to the host file127.0.0.1 xxlssoserver.com127.0.0.1 xxlssoclient1.com127.0.0.1 xxlssoclient2.com

Run xxl-sso-server and xxl-sso-web-sample-springboot respectively.

Run xxl-sso-server and xxl-sso-web-sample-springboot respectively. 1. Address of the SSO authentication center：http://xxlssoserver.com:8080/xxl-sso-server2、Client01Application address：http://xxlssoclient1.com:8081/xxl-sso-web-sample-springboot/3、Client02Application address：http://xxlssoclient2.com:8081/xxl-sso-web-sample-springboot/

SSO Login/logout process verification

In normal cases, the login process is as follows: 1. Access the “Client01 Application Address “and you will automatically redirect to the “SSO Authentication Center Address” login page. 2. After a successful login, the automatic redirect will return to the “Client01 Application Address “and switch to the logged in state. Client02 Application Address will be automatically switched to the login state without login. In normal cases, the logout process is as follows: 1. If you access the “Log Off path” configured in “Client01 Application Address”, the login status will be automatically redirected to the “SSO Authentication Center address “and the login status will be automatically logged off. 2

You can read more on your own.

开源地址：gitee.com/xuxueli0323/xxl-sso

如需项目推荐、获取资源请私信作者

资源下载此资源为免费资源立即下载

Telegram:@John_Software

collect(0) Like (0)

Disclaimer: This article is published by a third party and represents the views of the author only and has nothing to do with this website. This site does not make any guarantee or commitment to the authenticity, completeness and timeliness of this article and all or part of its content, please readers for reference only, and please verify the relevant content. The publication or republication of articles by this website for the purpose of conveying more information does not mean that it endorses its views or confirms its description, nor does it mean that this website is responsible for its authenticity.

Ictcoder Free Source Code A distributed single sign-on framework that supports cookies and tokens – XXL-SSO https://ictcoder.com/a-distributed-single-sign-on-framework-that-supports-cookies-and-tokens-xxl-sso/

lllll

Share free open-source source code

Previous article： ThinkPHP based Wechat background management platform - ThinkAdmin

Next article： Luckysheet, an online form with a pure front end similar to excel

Q&A

Ordering Process

1. Automatic: After making an online payment, click the (Download) link to download the source code; 2. Manual: Contact the seller or the official to check if the template is consistent. Then, place an order and make payment online. The seller ships the goods, and both parties inspect and confirm that there are no issues. ICTcoder will then settle the payment for the seller. Note: Please ensure to place your order and make payment through ICTcoder. If you do not place your order and make payment through ICTcoder, and the seller sends fake source code or encounters any issues, ICTcoder will not assist in resolving them, nor can we guarantee your funds!

View details

Transactions and Disputes

1. Default transaction cycle for source code: The seller manually ships the goods within 1-3 days. The amount paid by the user will be held in escrow by ICTcoder until 7 days after the transaction is completed and both parties confirm that there are no issues. ICTcoder will then settle with the seller. In case of any disputes, ICTcoder will have staff to assist in handling until the dispute is resolved or a refund is made! If the buyer places an order and makes payment not through ICTcoder, any issues and disputes have nothing to do with ICTcoder, and ICTcoder will not be responsible for any liabilities!

View details

Matters needing attention

1. ICTcoder will permanently archive the transaction process between both parties and snapshots of the traded goods to ensure the authenticity, validity, and security of the transaction! 2. ICTcoder cannot guarantee services such as "permanent package updates" and "permanent technical support" after the merchant's commitment. Buyers are advised to identify these services on their own. If necessary, they can contact ICTcoder for assistance; 3. When both website demonstration and image demonstration exist in the source code, and the text descriptions of the website and images are inconsistent, the text description of the image shall prevail as the basis for dispute resolution (excluding special statements or agreements); 4. If there is no statement such as "no legal basis for refund" or similar content, any indication on the product that "once sold, no refunds will be supported" or other similar declarations shall be deemed invalid; 5. Before the buyer places an order and makes payment, the transaction details agreed upon by both parties via WhatsApp or email can also serve as the basis for dispute resolution (in case of any inconsistency between the agreement and the description of the conflict, the agreement shall prevail); 6. Since chat records and email records can serve as the basis for dispute resolution, both parties should only communicate with each other through the contact information left on the system when contacting each other, in order to prevent the other party from denying their own commitments. 7. Although the probability of disputes is low, it is essential to retain important information such as chat records, text messages, and email records, in case a dispute arises, so that ICTcoder can intervene quickly.

View details

ICTcoder reminds and declares

1. As a third-party intermediary platform, ICTcoder solely protects transaction security and the rights and interests of both buyers and sellers based on the transaction contract (product description, agreed content before the transaction); 2. For online trading projects not on the ICTcoder platform, any consequences are unrelated to this platform; regardless of the reason why the seller requests an offline transaction, please contact the administrator to report.

View details