i working on website application developed on laravel 4.2 framework , website associated websites application related to.
i want implement single sign on (sso) functionality in application.
suppose application : www.example.com
associated websites following :
- www.testsite1.com
- www.testsite2.com
- www.testsite3.com
- www.testsite4.com
when logged on 1 of websites (my application or associated websites).
after logged, hits rest of websites except (currently logged websites) should not prompt login means should allow enter in application without logging because logged @ 1 application.
same as, when logged on gmail account,and go account (drive,google plus,youtube etc) won't ask login again,it bypass login page application.
is there better , feasible solutions php/laravel ?
may following steps achieve single sign on across different website
- when user visit www.testsite1.com , redirect user sso server.
- once user redirected sso server, check if cookie exist, first time there no cookie show login page hosted on sso server.
- after getting credential user validate user
- if user valid, generate token token can unique hexadecimal number or hash timestamps.
- set token cookie on sso server , redirect user original site or success page
- now when user visit www.testsite2.com or www.testsite3.com, redirect user sso server again
- once user comes sso, check cookie, if exist , not expire redirect user directly success page without asking login credential again or show login page , follow drill again
as redirecting user on different server, can set cookie there common name 'ssocookie' , every time access same when coming different application. achieve single sign on different domain.
Comments
Post a Comment