简体繁体 English

多个Web应用程序之间的身份验证

[英]Authentication between multiple web applications

原文 2011-01-30 13:55:20 2 2 php/ web-applications/ authentication

I am planning on creating a number of web applications that allows the user to share an account between these applications. 我正计划创建许多Web应用程序，以允许用户在这些应用程序之间共享帐户。 I am using apache, php and mysql. 我正在使用apache，php和mysql。

My question is, is it possible for the user to login on one server and then be able to use all the applications with these login details. 我的问题是，用户是否可以在一台服务器上登录，然后能够使用具有这些登录详细信息的所有应用程序。 I was thinking of using some kind of web service/api that can be accessed by the other applications but I am not entirely sure that this is the best way. 我当时在考虑使用某种可以被其他应用程序访问的Web服务/ API，但是我不确定这是最好的方法。

Thanks in advance. 提前致谢。

2 个解决方案

You might want to go for the popular OpenID : 您可能想要使用流行的OpenID ：

OpenID is an open standard that describes how users can be authenticated in a decentralized manner, obviating the need for services to provide their own ad hoc systems and allowing users to consolidate their digital identities. OpenID是一种开放标准，它描述了如何以分散方式对用户进行身份验证，从而消除了提供自己的即席系统所需的服务，并允许用户整合其数字身份。

There is also OAuth authentication system: 还有OAuth身份验证系统：

OAuth (Open Authorization) is an open standard for authorization. OAuth（开放授权）是授权的开放标准。 It allows users to share their private resources (eg photos, videos, contact lists) stored on one site with another site without having to hand out their credentials, typically username and password. 它允许用户与另一个站点共享存储在一个站点上的私有资源（例如照片，视频，联系人列表），而不必发出其凭据（通常是用户名和密码）。

Yes I would build an authentication service. 是的，我将建立身份验证服务。 Then I would register within that service which applications the user can use. 然后，我将在该服务中注册用户可以使用的应用程序。