Website Authentication

Question

Website Authentication

I'm just wondering how cross-site authentication is handled for completely external companies? for example, My site is a “portal” to another completely external site.

Is there a standard way to do this so that the user is not prompted to log in again?

I know for example. eBay-> PayPal, you must re-authenticate, but is this the only / reasonable way?

+4

authentication

Bluechippy Dec 7 '10 at 10:26

source share

2 answers

In my opinion, the best way to do this is to create a third application that is responsible for authentication and permissions. I wrote a blog entry about one such application that I created for my own pet projects.

http://www.netortech.com/Blog/Entry/12/Web-passport-services

0

Spencer ruport Dec 7 '10 at 10:36

source share

The archetypal paul · Accepted Answer · 2010-12-07T10:55:50+0000

It will depend on what this other site uses as an authentication method.

Take a look at SAML (this is essentially a way of telling another site that they can trust your claim that this user is the one you are talking about). OpenID is another system that does the same thing.

In general, this is federated identity management,

Website Authentication

More articles: