问题
Please I would like to know how to implement Single Sign On across subdomains running on a mixture of programming platforms, asp.net and php?
回答1:
You could use cookies if the top level domain is the same. There's an article on CodeProject.
回答2:
I know this is old but I thought I would answer this for others stumbling across this via google search.
For Single Sign On across platforms you probably want to implement a SAML based solution. SAML stands for Security Assertion Markup Language and is an XML based solution. On the side of things you can use an open source library that makes it easier called SimpleSAMLphp (simplesamlphp.org).
I'm not sure if the asp.net side of things has an open source library for you to use but since SAML is an open standard you should be able to do it with pure asp.net.
回答3:
Implementation for Single sign on for sub domain
Following can be the steps to implement single sign on for same domain or sub domain
- For the user visiting very first time, check if the cookie exist, for time it wont be there
- Show the login page
- Validate the user
- Once the user is validated, generate a token which can be any hexadecimal number of anything which need to be share among domain
- After the token generation set the cookie with the common name across domain at the root path say cookie with name 'SSOkey' and path as '/'
- Return the user to the success page
- Now when the user visit to sub domain, check if the cookie exist and not expire if it exist than you can directly redirect user to the success page else you can show the login page.
From the above steps you can achieve single sign on, along with the above steps you can add various layer of validation for the security
来源:https://stackoverflow.com/questions/2198853/single-sign-on-with-subdomains