The role of Passport Server is to verify the user, save the maintenance login state, and provide status information for the current user.
Passport Server core part is two classes, Ticket and Ticketcache
Ticket provides a randomly generated TicketID, and user account and other user information.
TicketCache is responsible for maintaining all the current Ticket information. In my program is actually inherited, it is inherited when the TiMer is initialized, and the TIMER is started to clean up the expiration Ticket. TicketCache is saved in the ServletContext of Application Server, make sure all sessions can be read.
The interface provided by Passport Server is Login, Logout, Profile
Where login, logout is logged in, logout servlet
Profile provides Ticket information for the member website, and the member website reads the Ticket information returned in XML format through this interface to determine whether the user logs in.
The Passport Server implements a login between the member website, and the key available is how to deliver TicketID between multiple sites so that the member website reads from Passport Server to the user's login state. This requires how to achieve the biggest problem of SSO with cookie, how to implement cookie's cross-domain pass.
