Cross Domain Auto Login

• Previous message: Curt_C [MVP]: "Re: Output folder changed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 30 Dec 2004 09:28:20 -0800

I have multiple asp.net websites living in different domains. The
websites (pages, code, etc) are all identical. The databases driving
the websites are different. This is not a web farm.

I use Forms Authentication as the authentication method against custom
users and passwords stored in the databases. Assume the user/password
information is replicated across all the databases.

I would like to provide seamless navigation across the websites. In
other words, if the user has logged into website A and they click a
link which leads them to website B, I don't want them to have to login
with the same credentials on website B.

One solution is to save the credentials they used in session and then
pass them as url parameters to the login page. The login page would
have to know how to use the parameters. This is obviously a large
security hole and generally bad practice.

Another idea is to again save the credentials in session and manually
post to the login page with the credentials as post parameters (assume
ssl). The trick is to save the resulting cookie and reuse it when
redirecting the user to the requested page on the new website. I can't
get this working for a number of reasons and thought I would post here
to see if this has been done before or if anyone had any other ideas on
this topic.

Thanks.
Grim

• Previous message: Curt_C [MVP]: "Re: Output folder changed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Small form factor systems (SFF/SFFPC) ? ... overheating the case and if ia64 is considered stable enough. ... as most websites and databases don't run in the multimegagigaterabytes ... I write web / sql code with large databases behind them. ... Plus I work with web designers who are fanatical about fonts, ... (comp.unix.bsd.freebsd.misc) Re: Cross Domain Auto Login ... >I have multiple asp.net websites living in different domains. ... > users and passwords stored in the databases. ... > One solution is to save the credentials they used in session and then ... > pass them as url parameters to the login page. ... (microsoft.public.dotnet.framework.aspnet.security) Re: Sending information between 2 web services on 1 web server. ... you need to use a common shared resoure, file, databases, com+ service, webservice, remoting, ... ... I am wondering if it is possible to have 2 websites that are based on ... information on the web server like a global variable of some kind. ... (microsoft.public.dotnet.framework.aspnet) SQL and SBS ... databases for different websites and applications. ... >and SBS Premium edition on the other. ... >Can I have multiple databases on the SBS so I can have ... (microsoft.public.windows.server.sbs) default password(s) website(s) ... Hash: SHA1 ... I use to have links to a couple of websites that had default password ... databases. ... (Security-Basics)