Thanks George, I will look into shibboleth. I was also reading an article on CAS: http://tp.its.yale.edu/tiki/tiki-index.php?page=CentralAuthenticationSer vice.
Shibboleth has the more interesting name though:-) ~Cynthia -----Original Message----- From: George Abraham [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 13, 2005 1:05 PM To: CF-Talk Subject: Re: Discuss: Cross Site Sign-on Cynthia, What you want is single sign-on or federated authentication. In this model, one particular entity stores all the authentication information for a user, typically username and password. Then the other entities, when confronted with a login, refer to this single entity for authentication information. Microsoft has something called its .NET Passport which does something similar. In a .org situation like yours, I would look at Shibboleth which is an Internet2 initiative. The Shibboleth mailing lists are extremely helpful. http://shibboleth.internet2.edu/ George On 4/13/05, Adrocknaphobia <[EMAIL PROTECTED]> wrote: > Well cookies are your only choice, unless you are using client vars > that are stored in a database. Maybe you could generate a UUID each > time the user logs in and store it in your central db. Then when they > hit another application, it knows who they are by the UUID. > > Dunno, just a thought. > > -Adam > > On 4/13/05, Cynthia Reece <[EMAIL PROTECTED]> wrote: > > We have a central database schema that holds the user/role > > information for a the applications. > > > > What I would like to know is how to we allow these people to log-on > > in one place and essentiall carry those credentials over to our > > other domains as they move between our sites. The domains reside on > > different servers and I am not sure how best to pass this information around. > > > > -----Original Message----- > > From: Adrocknaphobia [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, April 13, 2005 11:27 AM > > To: CF-Talk > > Subject: Re: Discuss: Cross Site Sign-on > > > > Well you have alot of options, but it all depends on what you are > > really trying to accomplish. You can use LDAP / Active Directory as > > a central user store, or you can use a central database schema that > > would hold all user / role information. > > > > So what is it exactly you want to know? > > > > -Adam > > > > On 4/13/05, Cynthia Reece <[EMAIL PROTECTED]> wrote: > > > > > > Hi All, > > > I was hoping to get some feedback from those of you out there that > > > have implemented cross-site sign ons. > > > > > > We have multiple domain names that we've added over the years with > > > a variety of different applications all requiring some degree of > > security. > > > All the applications are CF and we know who the cross-over users > > > are for the biggest of these apps. Currently we have a little > > > javascript routine that is called to sign-in a user when they move > > > between sites, > > > > > not very elegant. > > > > > > I'd like to develop something that allows our users to move more > > > freely between our sites and was hoping to get either words of > > > advice or caution from those of you on the list that have tackled > > > this > > before. > > > > > > Thanks > > > Cynthia > > > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:202615 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54