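In recent years, the Internet has become an indispensable part of people's lives. To use the member services of any website, a user must first register an account with that website. However, because a user must register an account for every website whose services they visit, failing to manage this account information properly becomes a burden on the user. This gave rise to the concept of the single sign-on (Single Sign-on) mechanism. There are many approaches to single sign-on, such as OpenID and OAuth. Websites currently on the market that offer a Single Sign-on login mechanism usually support only one of these approaches and do not support multiple Single Sign-on login methods at the same time. Although “OpenID” and “OAuth” are both Single Sign-on mechanisms, their usage scenarios and emphases differ, and incorrect use may introduce hidden risks. This thesis therefore studies these two single sign-on mechanisms, “OpenID” and “OAuth”, in depth and compares the advantages, disadvantages, and differences of the two approaches, completing an investigation of Single Sign-on mechanisms. For the implementation, we develop an application website that supports both the “OpenID” and “OAuth” Single Sign-on login mechanisms; users can choose either login method without being restricted, realizing the goal of promoting the Single Sign-on mechanism.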
In recent years, the Internet has become a necessary part of human life. Usually, every website has its own membership system, and a user must first register for an account before receiving service from the website. If the user cannot properly manage all of this account information, it becomes a burden. This phenomenon led to the development of the single sign-on mechanism. There are many methods of implementing single sign-on, such as “OpenID” and “OAuth”. Currently, almost all sites on the market support just one kind of single sign-on mechanism. Both “OpenID” and “OAuth” are Single Sign-on mechanisms; nevertheless, their usage contexts and points of emphasis are quite different, and incorrect use might bring hidden risks. In this paper, we investigate these two mechanisms and compare the differences between them. In the experimental part, we develop a website supporting both “OpenID” and “OAuth”, so that the user can choose either way to log in, in order to promote the Single Sign-on mechanism.