sso 登录
When you’re developing a product for the masses, it is very rare that you would come up with a totally standalone product that does not interact with any other service. When you use a third-party service, user authentication is a relatively difficult task, as different applications have different mechanisms in place to authenticate users. One way to solve this issue is through Single Sign On, or SSO.
当您为大众开发产品时,很少有人会想到一个完全独立的产品,该产品不会与任何其他服务交互。 当您使用第三方服务时,用户身份验证是一个相对困难的任务,因为不同的应用程序具有用于身份验证用户的不同机制。 解决此问题的一种方法是通过Single Sign On或SSO。
Single Sign On (SSO) is a process that permits a user to access multiple services after going through user authentication (i.e. logging in) only once. This involves authentication into all services the user has given permission to, after logging into a primary service. Among other benefits, SSO avoids the monotonous task of confirming identity over and over again through passwords or other authentication systems.
单一登录(SSO)是一种过程,它允许用户仅经过一次用户身份验证(即登录)后才能访问多个服务。 这涉及到登录主服务后,对用户已授予权限的所有服务进行身份验证。 除其他好处外,SSO避免了通过密码或其他身份验证系统一遍又一遍地确认身份的单调任务。
Let’s look at SSO in more detail and we’ll use a very well-known service to demonstrate its uses and benefits.
让我们更详细地看一下SSO,我们将使用一个非常著名的服务来演示其用途和好处。
认证过程 (The Authentication Process)
The basic process of SSO is as follows:
SSO的基本过程如下:
- The first step is logging into the main service (Facebook or Google, for instance). 第一步是登录主服务(例如,Facebook或Google)。
- When you visit a new service, it redirects you to the original (or parent) service to check if you are logged in at that one. 当您访问一项新服务时,它会将您重定向到原始(或父)服务,以检查您是否已登录到该服务。
- An OTP (One-time password) token is returned. 返回一个OTP(一次性密码)令牌。
- The OTP token is then verified by the new service from the parent’s servers, and only after successful verification is the user granted entry. 然后,新服务将通过父服务器的新服务来验证OTP令牌,只有在成功验证之后,用户才被授予条目。
Although making the API for SSO is a tedious task, especially in handling security, implementation is a relatively easier task!
尽管制作用于SSO的API是一项繁琐的工作,尤其是在处理安全性方面,但实现起来却相对容易一些!
A good example of the use of SSO is in Google’s services. You need only be signed in to one primary Google account to access different services like YouTube, Gmail, Google+, Google Analytics, and more.
Google的服务就是使用SSO的一个很好的例子。 您只需登录一个主要Google帐户即可访问YouTube,Gmail,Google +,Google An