Date: Sat, 05 Feb 2005 10:59:31 -0700 From: Danny MacMillan <flowers@users.sourceforge.net> To: Dan Langille <dan@langille.org> Cc: freebsd-chat@freebsd.org Subject: Re: authenticating users between websites Message-ID: <20050205175931.GA680@procyon.nekulturny.org> In-Reply-To: <41FF5990.14802.4B422A7D@localhost> References: <41F65A6A.23011.281B9A2A@localhost> <41FF5990.14802.4B422A7D@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 01, 2005 at 10:27:28AM -0500, Dan Langille wrote: > On 25 Jan 2005 at 11:43, Ulf Zimmermann wrote: > > On Tue, Jan 25, 2005 at 02:40:42PM -0500, Dan Langille wrote: > > > I'm getting this request often and I'm not sure how to solve it. A > > > client will have two websites and wants users to be able to browse > > > freely between the websites after having logged into the primary > > > website. > > > > > > For example, I browse to a.example.org, log in, and continue > > > browsing. Then I browse over to b.example.org.... How can I be > > > automagically be authenticated on that other website? > > > > > > cheers > > > > If both sites are part of the same, you can set a cookie based on the > > domain. That is how sites usual do it. If you are concerned about > > someone modifying the cookie local on the client side, keep also some > > information about the cookie in a database which can be accessed by > > both sites. > > Unfortunately, I've just been informed: the two websites won't even > be in the same domain. This complicates matters. :) There are Single Sign-On solutions like SiteMinder and WebSeal. There are probably open source solutions, too. -- Danny
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050205175931.GA680>