professional-wings icon indicating copy to clipboard operation
professional-wings copied to clipboard
verified publisher icon trydofor

Wings user union login

Open trydofor opened this issue 3 years ago • 5 comments

Wings system can be associated with the login, similar to the SSO.

  • Ensure the independence of Wings account privilege system
  • Convenient SSO login
  • token recovery and kicking out of dangerous accounts.

Within a unified Hazelcast cluster, session sharing is possible. Non-cluster, to consider on-demand network invocation.

  • OAuth2/Oidc is more complex, and the token cannot be invalidated
  • SAML/CAS http-based BS architecture

trydofor avatar Oct 12 '22 07:10 trydofor

Consider using header: Auth-Ticket to build internal tokens based on Tickets

trydofor avatar Mar 16 '23 00:03 trydofor

The lightest non-intrusive solution is HttpSessionIdResolver

  • No changes to each app's own auth system, independent of each other
  • Union sessionId, get the current app's sid based on the sid mapping relationship
  • Authentication pull, logout push
  • global unique id

HttpSessionEventPublisher

trydofor avatar Mar 20 '23 08:03 trydofor

#82

trydofor avatar Mar 28 '23 08:03 trydofor

https://github.com/spring-projects/spring-session/issues/11

fixed at 3.2.0 of Session and SpringBoot

trydofor avatar Apr 07 '23 04:04 trydofor

Oauth2 server release 1.2.0

https://docs.spring.io/spring-authorization-server/reference/index.html

trydofor avatar Dec 11 '23 07:12 trydofor