-
Notifications
You must be signed in to change notification settings - Fork 388
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Good job .i have a question .can you help me ? #5
Comments
It shouldn't take that much time. The typical latency HTTP request on my server env (LAMP) is about 200ms. Check if you can bring down the response time of the server in general by tweaking Apache and PHP. It's essential for any SSO solution to do this at least on the first page request. The only way for a broker to know who the client is, is by asking it to the server, since the client is not logged into the broken but into the server. After that, the broker can save the user's information in a session. If you solve it that way, the client isn't logged out of all brokers automatically when logging out of one of them. This may of may not be an issue for you. There's a way around this, by having the server send out notifications of a logout to each broker. However that's outside the scope of the original article. |
Yes there's no way around this. It shouldn't be that bad. You only have the overhead of a server to server http request. That should be in the range of 100 to 200ms. If requesting the information from the server takes over a second, than logging in without SSO would also take over a second. In that case you should really try to tweak your server's environment. ----- Reply message ----- Each client request to the index page ,the broker has to request user information from the server ,though the visitor is already logged in. Is it reasonable? I mean it takes 1second to complete curl request to get information from the server. Cost too much than traditional session login . Hope your answer — |
The client requests the index page at the broker. The broker will request user information from the server. Since the visitor is already logged in, the server returns this information. The index page is shown to the visitor.
Each client request to the index page ,the broker has to request user information from the server ,though the visitor is already logged in.
Is it reasonable?
I mean it takes 1second to complete curl request to get information from the server. Cost too much than traditional session login .
Hope your answer
The text was updated successfully, but these errors were encountered: