Hi, I've just forwarded your question to one of the managers of WebCollage and he said that they don't give a complete solution for single-sign-on but for a nominal fee, and if you have an NT or a Solaris box they will send you a copy of their software so you can get rid of the frames stuff.
Cheers, --Amos On Tue, 15 Feb 2005 16:41:23 +1100, Taryn East <[EMAIL PROTECTED]> wrote: > > I've been given the task of doing a single-login and am having trouble > finding out how to do it... > > the issue is that our business allows some of our website to be viewable > through the website of some of our "channel partners". These channel > partners have a login to our website to allow them to do this. > > However, the channel partners have customers that only have a login to > the channel-partner websites... and the channel partners don't want to > directly give them the login to our site, but do want the pages > displayed (generally using yucky frames... but hey). > > ok, now they aparrently used to do this by having a url with the > username/password in it (ie using "basic" http authentication with the > login details as parameters). > > Firstly this is unsafe and secndly - microsoft (in a rare moment where > their interests align with ours) has turned this feature off in IE (to > stop address-bar spoofing). > > I need some sort of alternative method of doing this, however all the > 'help" files on this issue seem to just say: let the users get the > prompt and login... > the problem with this being that the user does not have the login > details and will not be given them - ie this is not a solution for me > :( > > Now when this issue first came up I got all enthusiastic and went > wandring through the web and found that you can send the details in an > http header etc etc... however I seem to have hit a brick wall in that I > don't see how to actually send that. > > There is a hell of a lot on the web on autologin functions from the > recipient side fo things (ie the one receiving the login details) but we > need some code to hand to our channel partners that can run on their > server to send the login details to us... something that can be > activated through a normal webpage that will not bug the user for > anything. > > I trawled through the HTTP specs and the PHP pages looking for anything > that might help, but I readily admit that I'm doing a random search - I > don't really know where to go look for this stuff. > > Does anyone here have any ideas? Even just some general direction on a > good place to go looking? > > Cheers and thanks in advance, > Taryn > > -- > This .sig temporarily out-of-order. > We apologise for any inconvenience > - The Management > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > > ---------- Your email is protected by Mailshell ---------- > To block spam or change delivery options: > http://www.mailshell.com/control.html?a=balatsrial4tlprafm_jqupsjnpz1k > > FreshAddress.com http://rd.mailshell.com/ad482 > Earn up to $3 for each of your friends who signs up with Mailshell! > http://rd.mailshell.com/sp5 > -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
