php的sso单点登录实现方法
本文实例讲述了php的sso单点登录实现方法。分享给大家供大家参考。具体分析如下:
这里详细讲到了几点:
1、点击登录跳转到SSO登录页面并带上当前应用的callback地址
2、登录成功后生成COOKIE并将COOKIE传给callback地址
3、callback地址接收SSO的COOKIE并设置在当前域下再跳回到应用1即完成登录
4、再在应用程序需要登录的地方嵌入一个iframe用来实时检测登录状态,代码如下:
index.php应用程序页面:
<?php header('Content-Type:text/html;charset=utf-8'); $sso_address='http://XXXX.com/sso/login.php';//你SSO所在的域名 $callback_address='http://'.$_SERVER['HTTP_HOST'] .str_replace('index.php','',$_SERVER['SCRIPT_NAME']) .'callback.php';//callback地址用于回调设置cookie if(isset($_COOKIE['sign'])){ exit("欢迎您{$_COOKIE['sign']}<ahref="login.php?logout">退出</a>"); }else{ echo'您还未登录<ahref="'.$sso_address.'?callback='.$callback_address.'">点此登录</a>'; } ?> <iframesrc="<?phpecho$sso_address?>?callback=<?phpecho$callback_address?>"frameborder="0" width="0"height="0"></iframe>
login.phpSSO登录页面:
<?php header('Content-Type:text/html;charset=utf-8'); if(isset($_GET['logout'])){ setcookie('sign','',-300); unset($_GET['logout']); header('location:index.php'); } if(isset($_POST['username'])&&isset($_POST['password'])){ setcookie('sign',$_POST['username'],0,''); header("location:".$_POST['callback']."?sign={$_POST['username']}"); } if(emptyempty($_COOKIE['sign'])){ ?> <formmethod="post"> <p>用户名:<inputtype="text"name="username"/></p> <p>密 码:<inputtype="password"name="password"/></p> <inputtype="hidden"name="callback"value="<?phpecho$_GET['callback'];?>"/> <inputtype="submit"value="登录"/> </form> <?php }else{ $query=http_build_query($_COOKIE); echo"系统检测到您已登录{$_COOKIE['sign']}<ahref="{$_GET['callback']}?{$query}">授权</a><ahref="?logout">退出</a>"; } ?>
callback.php回调页面用来设置跨域COOKIE:
<?php header('Content-Type:text/html;charset=utf-8'); if(emptyempty($_GET)){ exit('您还未登录'); }else{ foreach($_GETas$key=>$val){ setcookie($key,$val,0,''); } header("location:index.php"); } ?>
connect.php用来检测登录状态的页面,内嵌在页面的iframe中:
<?php header('Content-Type:text/html;charset=utf-8'); if(isset($_COOKIE['sign'])){ $callback=urldecode($_GET['callback']);unset($_GET['callback']); $query=http_build_query($_COOKIE); $callback=$callback."?{$query}"; }else{ exit; } ?> <html><scripttype="text/javascript">top.location.href="<?phpecho$callback;?>";</script></html>
希望本文所述对大家的php程序设计有所帮助。