The products used: 1, Sun Java System Directory Server is a directory server, supporting LDAP access, powerful. 2, Sun Java System Identity Server Sign (identity or authentication) server, which can be used to access Directory Server directly. 3, Sun Java System Identity Server Policy AgentIndity Server's Policy Agent is a tool based on Identity Server to achieve joint work with Web Server.
SSO principle: 1. When the user accesses a protected page, it is checked whether it is verified. 2, if not, turn to the login page, perform login. 3. After the verification, the authentication module generates the corresponding credentials, and pass it back to the browser 4 in the form of cookie. After the authentication is over, it will turn to the original request.