|
|
Posted by Jerry Stuckle on 06/11/07 03:12
Jon Slaughter wrote:
> "Samir Chouaieb" <chouaieb@nospam.arcor.de> wrote in message
> news:466bdf44$0$20300$9b4e6d93@newsspool3.arcor-online.net...
>> Hello,
>>
>> I am trying to find a solution to a login mechanism for different domains
>> on different servers with PHP5.
>>
>> I have one main domain with the user data and several other domains that
>> need a login to show data.
>>
>> I want the user to login only once when he visits any of my domains.
>>
>> The first idea is had is to use the same session for all domains. Is this
>> possible?
>>
>> Any help or hint is appreciated.
>>
>> Thanks in advance
>>
>> Best regards
>> Samir
>
>
> Why not just a central server that handles the the cookies? That way they
> are stored w.r.t to the centeral server but the other servers can get the
> information(through a request to the centeral server).
>
> e.g., when the user wants to be "remembered" they would be temporarily
> redirected to your centeral server where the cookie processing will take
> place and it will probably need to contain more information such as which
> server the request came from(or since you don't seem to care it would just
> save it as normal).
>
> Then any time cookie retrival needs to happen the opposite thing will
> happen.
>
> I think the only issue here is if multiple servers are serving to the same
> users then there would need some way to synchronize but I thnk this isn't
> that big of a problem.
>
> If you go the central route then you could keep everything on that central
> server and really just dish out stuff over the different domains. You just
> need to write an interface for what you want.
>
> Jon
>
>
Jon,
The problem here is the remote servers will have no idea what the
current status is from the central server - they'll have no way to
communicate anything, even the session id.
If everything requiring a single signon were handled through the central
server, this would work. But it would require using frames and
basically the main server would be doing everything requiring signons.
So why even have the other servers/domains?
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|