Hi, Its not explicitly cross domain sessions that I am looking for, but its the easiest way to explain what it is I want. I have a system which creates websites. The websites are hosted across lots of different servers. Users can create their account and then they can create lots of websites. They could create www.mysite.com subdomain.mysite.com and create lots of different sites. Some times, sites will be COMPLETELY different from one another, however some times, the sites will in fact be so closely linked, that they should probably be considered the same site. For example: (Different domain entirely) mysite-news.com mysite-blog.com or (Same domain, different subdomain) news.mysite.com blog.mysite.com What I need is a way for users where they want, to create a federation of sort, which allows by clicking a check box, that they want to allow cross site logins. I cannot change configs unless its a permanent change and won't affect other sites, because 1000s of sites will be affected. What do you think would be the best way to support this?
Its definately possible. I just don't want to taint other peoples suggestions. SSO or OpenID would be one route.
This is speculation, not something I've yet tried. A central log-in domain may be utilized. When a new browser arrives at a domain, the central log-in domain is consulted to authenticate the user. Oh, please do taint This is something I am also needing solved for a project coming up. Will