Hi, I need a something like SSO (Sign-On system or One user ID system) system to link all my sub-sites ( like 4images.mysite.com, blog.mysite.com, article.mysite.com, forum.mysite.com etc. ) together. my sub-site include CMS, blog system, gallery system, forum etc. I want my users can use one account to visit all the services and don't need log in repeatedly(cookie can keep the loggin status for all services) like yahoo one ID login system. Can anybody kindly recommend me a good suggestion that can meet this need? thank you very much!!
Step 1) When a user logs on to any one of the sites, create a cookie with some given life span. Step 2) When a user visits another one of your sites check to see if the cookie exists A) If the cookie exists, then show the user their account-specific information B) If the cookie doesn't exist, then ask the user to log in. If you have any code specific questions feel free to ask or PM me. What language are you using to write this code?
actually i want to setup a centralized user authentication system like 'login.yahoo.com'. Is it possible?
I think he wants something similar to a login for Geocities, Yahoo! games, etc. The databases would need to be in sync on several different servers. Anyone with an ID of 'user@MassiveNetwork.com' can login to several domains on different servers. I'm also interested in knowing how to do this without paying $xx,xxx's
Hmm, couldn't you just do something like this? Have one database that keeps your username, hashed password, etc... and also has a 'state' field that keeps track of whether or not you are logged in. So when you log in at login.example.com your 'state' changes to represent that you are logged in. Then, every time that you access another domain on a separate server, the database with your info would be checked to see if you are logged in. Would that work?
It is simple to do what you want if they are all subdomains as a cookie can be set at the domain level and thus each of the subdomains call up the cookie. If you are using different servers then you need to double check what key is being used in any encryption of passwords or cookies etc as by default this can be the server key and so this needs to be over ridden so they all use the same key.
I understand what AstarothSolutions is saying, and obviously, I would need to have root access to the servers. ~~~~~~~~~ cPanel11 (on shared hosting) has an icon for "remote db access", but I've had no luck getting it to work. Does anyone have experience with this on shared hosting??
well let me explain, I want to setup a common user registration/login system, that mean if I have a main site like www.mysite.com and five sub domains like 4images.mysite.com for gallery site, wordpress.mysite.com for blog site, article.mysite.com for article site, vBulletin.mysite.com for forum site and drupal.mysite.com for news site on the same server, then each sub-site have it's own user registration and login system. But I want to setup a common user registration and login system so that a visitor can register/login for one time to access my all sub site. For example if you register on yahoo then you can access all the sub-site of yahoo with one sign on.
Yes... as said, build a common log in system that use a shared db but when you create the cookie you need to make sure it is set for mysite.com rather than drupal.mysite.com or article.mysite.com as that way each subdomain will also be able to pickup the cookie and see that the user is logged in. Yahoo is different because it allows cross domain log in which is where you then start to need to use a webservice setting up as a domain cannot pick up another domains cookies. As previously said, you need to be careful with salted passwords as often the salt is the machine key so if your subdomains are on different servers they will have a different key.