Cynthia, What you want is single sign-on or federated authentication. In this model, one particular entity stores all the authentication information for a user, typically username and password. Then the other entities, when confronted with a login, refer to this single entity for authentication information. Microsoft has something called its .NET Passport which does something similar. In a .org situation like yours, I would look at Shibboleth which is an Internet2 initiative. The Shibboleth mailing lists are extremely helpful.
http://shibboleth.internet2.edu/ George On 4/13/05, Adrocknaphobia <[EMAIL PROTECTED]> wrote: > Well cookies are your only choice, unless you are using client vars > that are stored in a database. Maybe you could generate a UUID each > time the user logs in and store it in your central db. Then when they > hit another application, it knows who they are by the UUID. > > Dunno, just a thought. > > -Adam > > On 4/13/05, Cynthia Reece <[EMAIL PROTECTED]> wrote: > > We have a central database schema that holds the user/role information > > for a the applications. > > > > What I would like to know is how to we allow these people to log-on in > > one place and essentiall carry those credentials over to our other > > domains as they move between our sites. The domains reside on different > > servers and I am not sure how best to pass this information around. > > > > -----Original Message----- > > From: Adrocknaphobia [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, April 13, 2005 11:27 AM > > To: CF-Talk > > Subject: Re: Discuss: Cross Site Sign-on > > > > Well you have alot of options, but it all depends on what you are really > > trying to accomplish. You can use LDAP / Active Directory as a central > > user store, or you can use a central database schema that would hold all > > user / role information. > > > > So what is it exactly you want to know? > > > > -Adam > > > > On 4/13/05, Cynthia Reece <[EMAIL PROTECTED]> wrote: > > > > > > Hi All, > > > I was hoping to get some feedback from those of you out there that > > > have implemented cross-site sign ons. > > > > > > We have multiple domain names that we've added over the years with a > > > variety of different applications all requiring some degree of > > security. > > > All the applications are CF and we know who the cross-over users are > > > for the biggest of these apps. Currently we have a little javascript > > > routine that is called to sign-in a user when they move between sites, > > > > > not very elegant. > > > > > > I'd like to develop something that allows our users to move more > > > freely between our sites and was hoping to get either words of advice > > > or caution from those of you on the list that have tackled this > > before. > > > > > > Thanks > > > Cynthia > > > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:202600 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
