Guys, We are going round and round with the methods for SSO. Can something like this be done?
EREJobs.com will include a file from ERE.net, the file on ERE.net executes on the ere.net domain while doing so can it read the ere.net cookie? I know that is probably not allowed due to XSS. We have looked into Open SSO and even the chapter from Advanced PHP Programming on SSO however that leads to issues when using multiple sites. For instance you go to erejobs.com and login, it directs you to ere.net authenticates you, sets a cookie for ere.net and back to erejobs where a cookie is set. However if you then go to another site say eredirectory.com it will not see you logged in because no cookie is set so you again have to click the login button. You wont have to login because the ere.net cookie exists it will just redirect you back to eredirectory but it seems like a rats nest we will get into. Any ideas on how else to accomplish something like this? -- Joseph Crawford Jr. Zend Certified Engineer Codebowl Solutions, Inc. http://www.codebowl.com/ Blog: http://www.josephcrawford.com/ 1-802-671-2021 [EMAIL PROTECTED] _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
