authenticating users between websites
Dan Langille
dan at langille.org
Tue Feb 1 07:29:33 PST 2005
On 25 Jan 2005 at 11:43, Ulf Zimmermann wrote:
> On Tue, Jan 25, 2005 at 02:40:42PM -0500, Dan Langille wrote:
> > I'm getting this request often and I'm not sure how to solve it. A
> > client will have two websites and wants users to be able to browse
> > freely between the websites after having logged into the primary
> > website.
> >
> > For example, I browse to a.example.org, log in, and continue
> > browsing. Then I browse over to b.example.org.... How can I be
> > automagically be authenticated on that other website?
> >
> > cheers
> > --
> > Dan Langille : http://www.langille.org/
> > BSDCan - The Technical BSD Conference - http://www.bsdcan.org/
>
> If both sites are part of the same, you can set a cookie based on the
> domain. That is how sites usual do it. If you are concerned about
> someone modifying the cookie local on the client side, keep also some
> information about the cookie in a database which can be accessed by
> both sites.
Unfortunately, I've just been informed: the two websites won't even
be in the same domain. This complicates matters. :)
--
Dan Langille : http://www.langille.org/
BSDCan - The Technical BSD Conference - http://www.bsdcan.org/
More information about the freebsd-chat
mailing list