3

this is my first post,

I'm working on a project that required me to buy another domain. But i want it to use the same authentication system as my current domain and and also login the user into both sites.

I already found a great post whate it explains what needs to happen here: See the first comment

But I want to make it possible for the user to login on domain1.com (by entering credentials) and i want the credentials to be taken from domain1.com to maindomain.com and authenticate it.

Now, i know its not safe to send the users info unprotected, but i am not sure exactly how to do it any other way.

Do you have any suggestions to how i may send the login info or authenticate the users.

NOTE: Both sites are on the Same server and one is in a subdirectory of the other (in the file tree) but they have two separate domains so i cant just tell it to POST the info to /login, instead i would have to send it to which would not work with POST.

Any and all help is appreciated! Thanks in advance!

Community
  • 1
  • 1
lankanmon
  • 31
  • 1

2 Answers2

1

When the user logs in on server1, you could include something like this in the HTML:

<img src="http://server2/login/?hash=...">

(put a 1*1 transparent gif there or so)

The server should reply with a header that sets the session id.

thejh
  • 44,854
  • 16
  • 96
  • 107
0

If you are using cookie based sessions, the easiest way is to set additional copy of session cookie using iframe after successful login.

Zygimantas
  • 8,547
  • 7
  • 42
  • 54