Cross domain access?

Results 1 to 3 of 3

Thread: Cross domain access?

  1. #1
    Join Date
    Dec 1969

    Default Cross domain access?

    We have around 5 sites which shares the database .I need to have the login universal ie if I login in one of the site A and then open another site B in another new window it should show me as logged in.Is this possible.<BR>Regards,<BR>leejo

  2. #2
    Join Date
    Dec 1969

    Default RE: Cross domain access?

    not with &#039;standard&#039; IIS sessions, no - you&#039;d need to implement a custom solution, I reckon - or something like passport...

  3. #3
    Join Date
    Dec 1969

    Default Sure you could!

    You said the sites share the database, yes?<BR><BR>So just have a "WhoIsLoggedOn" table in the database.<BR><BR>NOW... The first time a user visited each site, he/she would have to log in even if already logged into another of the 5 sites. But then you set a cookie for *that* site, which gives the user&#039;s userid, and then any time he/she brings up a new window you use the cookie to look up the "WhoIsLoggedOn" record for that person.<BR><BR>PROBLEM: It&#039;s not secure. If somebody ever found the username for another user, then he/she could just keep trying to hit your site until he/she happened to hit at the same time the other user is on.<BR><BR>But I don&#039;t see *ANY* solution for that problem, since there is no way to be sure that two different HTTP requests are coming from the same machine.<BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts