• 0

Looking for a Simple Single Sign On PHP/MySQL


Question

So this is the situation I have at hand right now.

I have 5 domain names.

-centraldomain.tld (the domain which is where everything is stored)

-domain1.tld

-domain2.tld

-domain3.tld

-domain4.tld

So currently, we have a header that goes across all 5 domains which displays whether or not the user is logged in and links to the other websites on the network.

I am looking for a really basic way to check if the end user is logged into one of our websites on our network right now so they don't need to login again. (Definition of SSO lol). We have a central MySQL database across all domains which has all the user information.

Has anyone ever developed a simple solution to do this or have any idea how?

Also I am on a Dedicated Fedora Server so I'm not worried about installing things if necessary. Furthermore, Google wasn't much help either.

Thanks guys!

Link to comment
Share on other sites

3 answers to this question

Recommended Posts

  • 0

I assume the login system is a self-creation; quick & dirty way would be to set a cookie with each domain for each of the 5 login routines (= 5 cookies)?

Using the central MySQL DB for this task doesn't seem logically possible to me since the end-user somehow needs to be verified in each of the domains (not by cookies, not by IP, what else is there? I don't know).

Link to comment
Share on other sites

  • 0

I assume the login system is a self-creation; quick & dirty way would be to set a cookie with each domain for each of the 5 login routines (= 5 cookies)?

Using the central MySQL DB for this task doesn't seem logically possible to me since the end-user somehow needs to be verified in each of the domains (not by cookies, not by IP, what else is there? I don't know).

But would setting 5 cookies be very secure?

And I guess the way I was thinking with the central database is to store all the session information and try to match it when the user loads the a different site on my network. As for what else, there is all sorts of other things that can be tracked OS, Browser, IP, Screen Resolution...maybe compare all that stuff when looking at the same IP...

Check out OAuth, or specifically, Zend's OAuth implementation.

Thanks for the link. I will definitely check this out.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.