CAS Unified Authentication Sequence Diagram
2020-08-20 10:25:49
Outline / content
User (user)
Access page1 of System A
Browser (browser)
Location: page1?Token=xxx
Access page2 of System A
GET http://systemA.com/some/page1?token=xxx
Location: http://systemA.com/some/page1?token=xxx
Check whether the token cookie exists
Location: http://systemA.com/some/page2
GET http://cas.com/login?redirectUrl=http%3A%2F%2FsystemA%2Fsome%2Fpage1
Service
Validate the user
Set cookie; Location: http://systemA.com/some/page1
GET http://systemA.com/logout?redirectUrl=http%3A%2F%2FsystemA.com%2Fsome%2Fpage2
If the URL has no jwt token parameter, validate the jwt token cookie
Show login form
CAS
GET portallogin?redirectUrl=page1
Verify token validity
Show page1
Location: http://cas.com/login?redirectUrl=http%3A%2F%2FsystemA%2Fsome%2Fpage1
Response page1
Username/password
GET http://cas.com/attach/validate?token=xxx
Access System A page: page1
Response success
GET page1?Token=xxx
Portal
Show some/page1
GET http://systemA.com/some/page2
User validity
Response login form
Submit portallogin form
System A
Show portallogin form
User
System A (systemA)
POST http://cas.com/login?redirectUrl=http%3A%2F%2FsystemA%2Fsome%2Fpage1
POST portallogin?redirectUrl=page1
Browser
Destroy the session object
GET page1
Show some/page2
http://systemA.com/some/page1
GET http://systemA.com/some/page1
GET http://cas.com/logout?redirectUrl=http%3A%2F%2FsystemA.com%2Fsome%2Fpage2
Log out
Submit login form
Location: http://cas.com/logout?redirectUrl=http%3A%2F%2FsystemA.com%2Fsome%2Fpage2
Response portallogin form
http://systemA.com/some/page2
This step is equivalent to returning to the first step
Is the token valid?
http://systemA.com/logout?redirectUrl=http%3A%2F%2FsystemA.com%2Fsome%2Fpage2
Location: portallogin?redirectUrl=page1
JWT-decrypt the token and check whether it is valid: expiry and user
Does a token exist?
Response some/page2
Process the some/page2 request