摘要： 分析总结了当前在Web 应用中热门的单点登录系统的各种实现策略——基于ticket 凭证策略、基于Web 请求代理策略以及基于密码代理策略，并针对目前应用最为广泛的基于Web 请求代理的实现策略给出了一个简单的系统实现，以它为例具体阐述了单点登录系统在Web 应用中的工作机制和流程。

关键词: 单点登录；Web 应用；ticket 凭证；Web 请求代理；密码代理

Abstract: This paper makes an analysis of the single sign-on mechanisms: ticketing mechanism, Web request-proxy mechanism and password-proxy mechanism, which are recently being deployed more and more often for Web applications. And later in the paper, a simple single sign-on system for Web applications is implemented based on the common used method——Web request-proxy mechanism and it is taken as an instance to illustrate how a single sign-on system works in Web applications.

Key words: Single sign-on(SSO); Web application; Ticketing; Web request-proxy; Password-proxy