Today at 10:02am, Chris Wood said:
I have an odd situation where I want to link from one site to a third-party
site and automatically log the user in. The other site is happy to let me
do this if I can figure it out. I tried talking them into providing access
to the data on their site in other ways, but this is the only way they will
do it due to getting burned in the past.
The reason I want to link it this way is that I don't want to have to tell
users what the username/password is for the site and then have to tell them
again every time I change the password (which will happen as I gain/lose
users).
Is there any way to do this with PHP/javascript, etc?
There are a couple of possibilities I can think of:
1. Give them a link or button that sends the login credentials to the
other site in a GET or POST. This will reveal the credentials to the user,
if they look at your HTML source, so not a good idea if you want to keep
them secret, like if they're shared among all users. If each user has
their own credentials though, then you can make this work nicely. Just
make sure that your "change password" feature updates the 3rd party site
too, or at least warn them that if they change the other site's password
without telling you, the single sign-on won't work.
2. You might be able to arrange a way to use curl or something to post the
credentials to the 3rd party server before linking the user to it, but
you'd need some way for the other server to know that it was the client
that was authenticated, not your server. Probably needs some third party
help.
With more information we might be able to toss out some other ideas or
solutions.
Thanks,
Mac
--
Mac Newbold MNE - Mac Newbold Enterprises, LLC
[EMAIL PROTECTED] http://www.macnewbold.com/
_______________________________________________
UPHPU mailing list
[email protected]
http://uphpu.org/mailman/listinfo/uphpu
IRC: #uphpu on irc.freenode.net
