one place used to do something like this person logs onto <domain1> via form form submits to current domain, <domain1> <domain1> one passes cgi to <masterdomain> <masterdomain> script loads on clients computer set cookie for <masterdomain>
client can now surf to all sub domains via a small check master domain cookie -----Original Message----- From: Perrin Harkins [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 24, 2004 11:08 AM To: Larry Leszczynski Cc: mod_perl List Subject: Re: Ticket-based access control across multiple domains? On Wed, 2004-03-24 at 10:47, Larry Leszczynski wrote: > I've been looking into designs for a mod_perl cookie-based "single > sign-on" kind of authentication system that would use a central > authentication server across multiple products. Ask Bjorne Hansen and Robert Spier gave a presentation about the single sign-on system used by cpan.org at OSCON. There may be source available. It's not really very hard to build one. The way you build it will vary depending on your requirements. It's definitely easier if you can access some shared resource (like a central database) so that all you need to pass around is a ticket that each domain can use to lookup the user in the shared db. - Perrin -- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html -- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
