homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

Single Sign On
Authentication across different websites

5+ Year Member

Msg#: 4496307 posted 4:32 pm on Sep 17, 2012 (gmt 0)

So, we're in the situation where we are having customers asking us for a 'single sign on' solution, whereby a user logged into their account on our customer's website is also logged into an account on our website.

However, they don't know they are asking that. All they know is that users can log into their own website, and when they redirect the user over to our website (for certain pages), they don't want the user to have to register and log in again.

Usually, we deal with customers with very basic websites, without any authentication anyway, so this issue never comes up, but we've had a few questions asked in the last couple of weeks.

The problem is that these are not companies with their own development teams, but use completely different third parties who create their websites for them (you know the type - 200 for a basic 5-page website with a contact form, etc).

I've been saying that implementing a single sign on solution is not a quick job. Many moons ago I developed a site that authenticated via an existing single sign on solution, and that alone took long enough.

Has anyone got an experience with doing this in this way?

If we were just talking one customer who needed this, then fine, I could just talk to whoever their IT guys are, and get something working. But this is likely to be something that countless different customers are going to want, all who have websites built in different ways by different people.

I would think that we would have to set up our own solution, regardless of any specific company's needs, and just tell them what we have available and let them connect to it, but I know that will go down like a ton of bricks.

Any thoughts?



WebmasterWorld Administrator engine us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

Msg#: 4496307 posted 8:55 am on Sep 18, 2012 (gmt 0)

My first thought is of security, or the aspect of weaker security. That has got to be the top priority, and may be a good angle to help change their minds.


WebmasterWorld Senior Member 5+ Year Member

Msg#: 4496307 posted 3:11 am on Sep 19, 2012 (gmt 0)

single sign on, one lock, many doors.

then you have to go on a fire drill sealing off all the doors....((how fast can diff teams really react in a time of crisis))

then rethinking it was a bad idea...and unwinding the ball of wax. - more confused customers at best, worse things at worst.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved