At 9:06 PM +0000 1/16/02, Mark Maunder wrote:
>That's cool, but any ideas on how to do this with different domain names i.e.
>foo.com, bar.com, baz.com and boo.com? You can't create cookies for the .com
>domain, so there's no way to hand out auth cookies from foo.com (when the user
>logs into foo.com) and have the browser send them to bar.com too. Also foo.com
>can't hand out cookies for bar.com, so you can't implement a single sign on
>using cookies for multiple domain names from the same host.
>
>The only way I could come up with, was to have the browser redirected to every
>domain name with an encrypted uri variable to prove it is signed on which causes
>each host included in the single sign on to assign an auth cookie to the
>browser.

>So the browser is logged into foo.com, bar.com, baz.com and boo.com by logging
>into foo.com which assigns a cookie and redirects to bar.com which assigns a
>cookie and redirects it to baz.com which assigns a cookie and redirects it to
>boo.com which assigns a cookie and redirects it back to foo.com. It has now
>collected all cookies required for signon to all domain names and is logged into
>all of them.

That's not terribly efficient for the user.  If I were to do this, 
I'd probably put some "You are now logged in" page that loads images 
from foo.com, bar.com, baz.com, and boo.com (transparent single pixel 
gifs would work).

Now the user is logged in to all those servers (provided that the 
gifs returned were returned with Set-Cookie headers).

The same thing can be done with authentication.  Most browsers allow 
you to write urls as
http://user:[EMAIL PROTECTED]/images/spacer.gif

It's not pretty, and not super secure, but it does work.

Rob



--
When I used a Mac, they laughed because I had no command prompt. When 
I used Linux, they laughed because I had no GUI.  
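
The "uri variable to prove it is signed on" that each host checks before answering the image request with a Set-Cookie header, as an added example that is not part of the original thread. It uses an HMAC-signed token rather than an encrypted one; the key, function names, claim fields and cookie name are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets

KEY = b"constructed-demo-key"  # assumption: secret shared by the login host and each site

def b64e(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_token(key, user, audience, now, ttl=60):
    """Login host: signed, short-lived claim that `user` is logged in, for one host."""
    claims = {"u": user, "aud": audience, "exp": int(now) + ttl,
              "n": secrets.token_hex(8)}           # nonce makes each URL single-use
    body = b64e(json.dumps(claims, sort_keys=True).encode())
    return body + "." + b64e(hmac.new(key, body.encode(), hashlib.sha256).digest())

def verify_token(key, token, this_host, now, seen):
    """Receiving host: return the user name, or None if the token is rejected."""
    try:
        body, mac = token.split(".")
        expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(b64d(mac), expected):
            return None                            # forged or altered
        claims = json.loads(b64d(body))
    except ValueError:
        return None                                # malformed
    if claims["aud"] != this_host or now >= claims["exp"]:
        return None                                # minted for another host, or expired
    if claims["n"] in seen:
        return None                                # URL replayed
    seen.add(claims["n"])
    return claims["u"]

def pixel_headers(key, token, this_host, now, seen):
    """Response headers for the 1x1 gif: a cookie is set only for a valid token."""
    headers = [("Content-Type", "image/gif"), ("Cache-Control", "no-store")]
    if verify_token(key, token, this_host, now, seen) is not None:
        session = secrets.token_urlsafe(16)        # host-local session id
        # Cross-site image response, so the cookie needs SameSite=None and Secure.
        headers.append(("Set-Cookie",
                        f"auth={session}; Path=/; Secure; HttpOnly; SameSite=None"))
    return headers
```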
