Posted by Carl Vondrick on 12/17/48 11:54

taylor.ettema@gmail.com wrote:
> I wish to create an application that will be spawned within a host web
> application after the container app has authorized a user. These two
> apps are seperately developed/maintained, and can only share
> information via the normal methods (post/get, cookies, etc...). What
> is the best and most secure way to pass authorization to the spawned
> application?

So you basically have two applications/websites and you want to
authenticate a login?

If they are hosted on the same server, simply connect to the same database.

If not, have a validater on the authentication app. This receives the
username and and password, then returns either if it's valid or not.
Note that the validater would never give out hashes or usernames -- it
just tells you if something is correct.

Carl

• Next in forum: Re: socket timeout being ignored
• Prev in forum: Re: PHP and Java
• Thread view: Re: how to pass authorization to another application

[Reply to this message]