This issue recommends a distributed single sign-on framework – XXL-SSO.
XXL-SSO is a distributed single sign-on framework. Users only need to log in once to access all trusted applications. So far, XXL-JOB has been connected to the online product lines of many companies, such as e-commerce business, O2O business and big data operations, including: Dianping, Uxin used car, Migu Interactive, Wave software, 360 finance, Mobei technology, Lenovo, Jingdong, Evergrande, NetEase Yixin, Tick Travel, Huya and other 500+ enterprises, XXL-JOB is currently fully open source code, out of the box.
The main features of the framework:
API simple and intuitive, easy to use
Less dependence on the environment, low deployment and access costs
Support distributed deployment
Both the Server and Client support cluster deployment
Cross-domain applications can be connected to SSO authentication centers
Supports cookie-based and token-based access modes
Supports Web and APP access
The login and logout status of the system is shared by all servers and clients in real time
Architecture diagram:
Quick start (Cookie example) :
1, source code compilation
- xxl-sso-server:Central authentication service, support cluster - xxl-sso-core:ClientEnd dependent -xxl-sso-samples:Single sign-on Client access Example project- xxl-sso-web-sample-springboot:Cookie access mode for users to access the browser,springbootversions- xxl-sso-token-sample-springboot:The springboot version is used in scenarios where cookies cannot be used, for example, apps and cookies are disabled2、Deploy the Authentication Center (SSO Server)”
Project name: xxl-sso-server
Configuration description
Configuration file location: application.properties
// redis Address: such as"{ip}"、"{ip}:{port}"、"{redis/rediss}://xxl-sso:{password}@{ip}:{port:6379}/{db}";Multiple addresses separated by commasxxl.sso.redis.address=redis://127.0.0.1:6379// The validity window of the login state is 24 hours by default. When the validity window of the login state is half over, it is automatically extended by one periodxxl.sso.redis.expire.minute=14403、Deploy the Single Sign-on Client Access Example project”
Project name: xxl-sso-web-sample-springboot
maven dependency
<dependency> <groupId>com.xuxueli</groupId> <artifactId>xxl-sso-core</artifactId> <version>${Latest stable release}</version></dependency>Configure XxlSsoFilter
Reference code: com. XXL. Sso. Sample. Config. XxlSsoConfig
@Beanpublic FilterRegistrationBean xxlSsoFilterRegistration() { // xxl-sso, redis init JedisUtil.init(xxlSsoRedisAddress); // xxl-sso, filter init FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setName("XxlSsoWebFilter"); registration.setOrder(1); registration.addUrlPatterns("/*"); registration.setFilter(new XxlSsoWebFilter()); registration.addInitParameter(Conf.SSO_SERVER, xxlSsoServer); registration.addInitParameter(Conf.SSO_LOGOUT_PATH, xxlSsoLogoutPath); return registration;}Configuration description
Configuration file location: application.properties
### xxl-sso (CLientEnd SSO configuration)##### SSO ServerAddress of the authentication center (You are advised to configure the authentication center by using the domain name. On the local PC, you can modify the host file by referring to Section 2.5)xxl.sso.server=http://xxlssoserver.com:8080/xxl-sso-server##### Log out path, the value is the relative path of the Client applicationxxl.sso.logout.path=/logout##### Path exclusion Path, multiple Settings are allowed, and Ant expressions are supported. Used to exclude paths that do not need to be filtered by the SSO clientxxl-sso.excluded.paths=### redis // redis address, like "{ip}"、"{ip}:{port}"、"{redis/rediss}://xxl-sso:{password}@{ip}:{port:6379}/{db}";Multiple "," separatedxxl.sso.redis.address=redis://xxl-sso:password@127.0.0.1:6379/0 4、verification
Modify the Host file: Access the authentication center using a domain name to simulate cross-domain and online environments
### Add the following to the host file127.0.0.1 xxlssoserver.com127.0.0.1 xxlssoclient1.com127.0.0.1 xxlssoclient2.comRun xxl-sso-server and xxl-sso-web-sample-springboot respectively.
Run xxl-sso-server and xxl-sso-web-sample-springboot respectively. 1. Address of the SSO authentication center:http://xxlssoserver.com:8080/xxl-sso-server2、Client01Application address:http://xxlssoclient1.com:8081/xxl-sso-web-sample-springboot/3、Client02Application address:http://xxlssoclient2.com:8081/xxl-sso-web-sample-springboot/SSO Login/logout process verification
In normal cases, the login process is as follows: 1. Access the “Client01 Application Address “and you will automatically redirect to the “SSO Authentication Center Address” login page. 2. After a successful login, the automatic redirect will return to the “Client01 Application Address “and switch to the logged in state. Client02 Application Address will be automatically switched to the login state without login. In normal cases, the logout process is as follows: 1. If you access the “Log Off path” configured in “Client01 Application Address”, the login status will be automatically redirected to the “SSO Authentication Center address “and the login status will be automatically logged off. 2
You can read more on your own.
开源地址:gitee.com/xuxueli0323/xxl-sso
如需项目推荐、获取资源请私信作者
