This article mainly combs the complete single sign on and logout process , The following is the basic requirements of the single point process sorted out in this paper ：

• Cross domain single point ： The same domain single point is not in the scope of this paper , A single point in the same domain can pass cokie Realization .
• Client side authentication ： Support the single point server to verify the client accessing the single point , Unregistered services do not allow authentication .
• Support single sign out ： The client needs to register the logout callback . If not configured , It means that the client does not need single sign out （ That is, the user quits from the single point system without quitting the client ,SSO-SERVER Only do unified authentication for this client ）.

Single point client registration

A client needs to access the single sign on system , First, you need to register at the single sign on server , Then the server generates the client for it id Configure on the client , For single point authentication .

Sign in

Access the restricted resources of the client directly without logging in

Access the client's restricted resources when logged in

Log out

The single sign out process from the client and the single sign out process from the server are actually the same , So here is only a single sign out from the client .