Ajax Asynchronous Cross-domain SSO

  • Last update:December 11, 2020
  • I. Overview

    OA system and report system integration, to bind the report on the OA system of nodes, the OA system to realize single sign-on for FineReport, users need a user name and password in the login interface of OA incoming certification address authentication to the report, if the OA system and reporting system is not deployed on the same server, how to achieve cross-domain login of OA system and reporting system through Ajax?

    Note:

    Ajax:” Asynchronous Javascript And XML”, a web development technique for creating interactive web applications. Ajax enables asynchronous updates to web pages by exchanging a small amount of data with the server in the background. This means that you can update parts of a web page without reloading the entire page.

    The difference between iframe and Ajax function

    Both iframe and Ajax can achieve cross-domain single sign-on. Ajax can achieve asynchronous single sign-on and handle the results of the report system validation, such as a login timeout, but an iframe cannot handle this asynchronously and cannot handle the results of the validation when the report is validated.

    II. Steps

    Three ways of single sign-on, iframe, Ajax and form submission, are introduced in the single sign-on interface of decision platform, Among them, both the iframe mode and Ajax mode can achieve the cross-domain single sign-on. The following is a brief introduction to the use of Ajax single sign-on. For the single sign-on mode of iframe, please check the cross-domain single sign-on mode of iframe.

    Ajax login mode naturally supports cross-domain, so the problem of cross-domain single sign-on can be solved by sending the user name and password directly to the report server for background verification through Ajax in the login interface of OA system.

    Explain the ajax implementation steps through the simplified OA login page.

    Login button event Settings

    When the user clicks the submit or login button after entering the username and password, the doSubmit() method is triggered. In this method, the login event is realized and the user name and password are sent to the reporting system through Ajax for verification. When the authentication is successful, the form submission event in HTML is triggered to realize the jump of the login success page, the report authentication code is as follows:

    function doSubmit() {
        var username = document.getElementById("username").value.trim();    
         var password = document.getElementById("password").value.trim();    
         if (username === "") {        
               window.alert("Please input username");        
               return false;    
         }    
         if (password === "") {
            window.alert("Please input password");
            return false;
        }
        var url = "<a href="http://localhost:8080/webroot/decision/login/cross/domain" "="">http://localhost:8080/webroot/decision/login/cross/domain" + "?fine_username=" + username + "&fine_password=" + password + "&validity=" + -1;
        jQuery.ajax({
            url: url,        // Single sign-on management platform report server
            timeout: 5000,      // Timeout time (in milliseconds)
            dataType:"jsonp",       // The jsonp approach is adopted across domains
            jsonp:"callback",
            success: function (res) {
                console.log(res);
                if (res.errorCode) {
                    window.alert(res.errorMsg);
                }else {
                    // Save the token and jump to the corresponding link
                    window.location.href = "<a href="http://localhost:8080/webroot/decision" ;"="">http://localhost:8080/webroot/decision";
                }

            },
            error: function () {
                alert("Timeout or other server error");       // Fail to login
            }
        });
    }

    Note: because of the use of Ajax, we need to introduce jquery.js.

    <script src="<a href="http://code.jquery.com/jquery-2.1.4.min.js" "="">http://code.jquery.com/jquery-2.1.4.min.js"></script>

    The above Ajax single sign-on submission event is placed on the original OA system login page, which means that the event will be triggered when the login button is clicked. After modification, the code of cross-domain single sign-on asynchronous login can be realized as follows:

    <!DOCTYPE html>
    <html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; " charset="UTF-8">
        <script src="<a href="http://code.jquery.com/jquery-2.1.4.min.js" "="">http://code.jquery.com/jquery-2.1.4.min.js"></script>
        <script type="text/javascript">
            function doSubmit() {
                var username = document.getElementById("username").value.trim();
                var password = document.getElementById("password").value.trim();
                if (username === "") {
                    window.alert("Input your username");
                    return false;
                }
                if (password === "") {
                    window.alert("Input your password");
                    return false;
                }
                var url = "<a href="http://localhost:8080/webroot/decision/login/cross/domain" "="">http://localhost:8080/webroot/decision/login/cross/domain" + "?fine_username=" + username + "&fine_password=" + password + "&validity=" + -1;
                jQuery.ajax({
                    url: url,      // Single sign-on management platform report server
                    timeout: 5000,     // Timeout time (in milliseconds)
                    dataType:"jsonp", //The jsonp approach is adopted across domains
                    jsonp:"callback",
                    success: function (res) {
                        console.log(res);
                        if (res.errorCode) {
                            window.alert(res.errorMsg);
                        }else {
                            // Save token and jump to the corresponding link                        
                            window.location.href = "<a href="http://localhost:8080/webroot/decision" ;"="">http://localhost:8080/webroot/decision";
                        }
                    },
                    error: function () {
                        alert("Timeout or other server error ");   //Fail to login
                    }
                });
            }
        </script></head><body><p>Please login</p><form id="login" name="login" method="POST" action="">
        <p>username:<input id="username" type="text" name="username"/></p>
        <p>password:<input id="password" type="password" name="password"/></p>
        <input type="button" value="Login" onClick="doSubmit()"/>
    </form>
    </body>
    </html>

    Note: the user name and password form USES a button to trigger doSubmit(). You only need to add the doSubmit() method to the login page of your OA. To simplify the operation, the complete code above does not jump to the specified page, butto the platform page.

    III. Log out

    When the project user is logged out, you also want to log out the Session of the report user name. At this time, you can also log out the FR report when you click the exit button:

    jQuery.ajax({
         url:"<a href="http://localhost:8075/webroot/decision/logout/cross/domain" , "="">http://localhost:8075/webroot/decision/logout/cross/domain",  // Single sign-on management platform report server
         dataType:"jsonp",   //The jsonp approach is adopted across domains
         jsonp:"callback",
         timeout:5000,      // Timeout time (in milliseconds)
         success:function(data) {
             if (data.status === "success") {
                  //Succeed to logout
               }
         },
         error:function(){
             // Fail to logout(Timeout or other server error)
         }
    });

    IV. Things to matter

    You need close the [Click Attack Protection] and [Content sniffing attack] in Manage system > Security-Security to achieve cross-domain single click sign-on (the picture is as follow), or you will get an error.

    1.png


    Attachment List


    Theme: Decision-making Platform
    • Helpful
    • Not helpful
    • Only read

    滑鼠選中內容,快速回饋問題

    滑鼠選中存在疑惑的內容,即可快速回饋問題,我們將會跟進處理。

    不再提示

    10s後關閉

    Get
    Help
    Online Support
    Professional technical support is provided to quickly help you solve problems.
    Online support is available from 9:00-12:00 and 13:30-17:30 on weekdays.
    Page Feedback
    You can provide suggestions and feedback for the current web page.
    Pre-Sales Consultation
    Business Consultation
    Business: international@fanruan.com
    Support: support@fanruan.com
    Page Feedback
    *Problem Type
    Cannot be empty
    Problem Description
    0/1000
    Cannot be empty

    Submitted successfully

    Network busy