Monday 09 August 2010 2:49:55 pm - 1 reply
We got a website running that is accessible via multiple domains. The problem is that when a user logs in at www.domain1.com, he's not logged in at www.domain2.com.
So I guess we'll have to implement a Single Sign-On handler.
Since I cannot just read the cookie created on www.domain1.com when the user visits www.domain2.com, we'll have to come up with a more sophisticated solution.
Has anyone ever created a solution for such a problem and would share some ideas regarding this topic with me?
I'd appreciate any tips, hints and ideas on how to implement such an SSO.
Monday 09 August 2010 3:17:42 pm
Yes, you are correct that a single sign-on handler would be a good approach. I have built similar implementations in both cross-domain (a.com, b.com) and root-domain (sub.a.com, sub2.a.com, *.a.com) environments.
It really depends on how you store your cookies - there was recently an enhancement for eZ Publish which should come out in 4.4 which allows you to specify the domain name you wanted stored for login cookies - then it's a matter of building a suitable SSO handler to meet your requirements.
In your case with multiple different domain names you will need an intermediate domain that handles all authorisations via redirects to that domain to check the auth cookie - then you need to redirect back to the requested domain and set a login cookie for the specific domain.
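The redirect handoff described in the reply above, as an added example that is not part of the original thread and not eZ Publish code: the intermediate auth domain mints a short-lived signed token for the redirect back, and the requesting domain verifies it before setting its own login cookie. The function names, the shared HMAC key and the in-memory nonce set are assumptions made for illustration, and Python is used only to show the checks independently of any SSO handler API.

```python
import base64, hashlib, hmac, json, secrets, time
from urllib.parse import urlsplit

# Constructed values: hostnames follow the thread; the key is a placeholder.
SHARED_KEY = b"placeholder-key-shared-by-all-sites"
ALLOWED_HOSTS = {"www.domain1.com", "www.domain2.com"}
TOKEN_TTL = 60          # seconds a handoff token stays valid
_used_nonces = set()    # in production: a shared store with expiry

def _sign(payload: bytes) -> str:
    return hmac.new(SHARED_KEY, payload, hashlib.sha256).hexdigest()

def issue_token(user_id, return_url, now=None):
    """Auth domain: called after its own auth cookie has been validated."""
    parts = urlsplit(return_url)
    # Only redirect back to known sites, otherwise the token leaks to any URL.
    if parts.scheme != "https" or parts.hostname not in ALLOWED_HOSTS:
        raise ValueError("return URL not allowed")
    now = time.time() if now is None else now
    claims = {"sub": user_id, "aud": parts.hostname,
              "exp": int(now) + TOKEN_TTL, "nonce": secrets.token_urlsafe(16)}
    payload = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return payload.decode() + "." + _sign(payload)

def redeem_token(token, this_host, now=None):
    """Requesting domain: returns the user id to log in, or None."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.rsplit(".", 1)
        if not hmac.compare_digest(sig, _sign(payload.encode())):
            return None
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except (ValueError, TypeError):
        return None
    if claims["aud"] != this_host or claims["exp"] < now:
        return None          # minted for another site, or too old
    if claims["nonce"] in _used_nonces:
        return None          # replayed URL (history, logs, Referer)
    _used_nonces.add(claims["nonce"])
    return claims["sub"]     # caller now sets this domain's own login cookie
```

The token travels in a URL, so the audience, expiry and single-use checks are what keep a copied redirect link from logging someone else in.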