Do you know how Google authenticates users for multiple domains / services with just one name? (Please do not say only SSO :D).
What I mean: when a user visits translate.google.com and authenticates there, he is also logged in to google.com, gmail.com, youtube.com, etc. How does it work? The main problem is that sessions / cookies only work for the domain in which they were created.
I thought that, when logging in, the user is redirected to google.com and needs to authenticate there. Therefore, when he is registered there, he must also be registered on foo.google.com, bar.google.com .... (see RFC 6265 - Domain cookie setting for a subdomain)
But that doesn't make any sense, since domains like youtube.com work too. I also looked at the redirects with Firebug and saw no google.com.
See Firebug here: http://www.noppen-lehrgang.de/data/goog.png
There is also a list of cookies that Google sets when you visit it for the first time and after logging in: noppen-lehrgang.de/data/goog2.png
I have a website in PHP that is accessible through different domains and would like to have this functionality (the domain used affects the content). I saw scripts like multidomain-sso ( https://github.com/0k/multidomain-sso ) that make AJAX calls to create sessions for all the domains you need. But it seems dirty, especially when the number of domains grows.
- ? , - SSO.., , oAuth openID, , , API- .
! Gerti
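
The cookie scoping the question refers to (RFC 6265 domain matching), as an added example that is not part of the original post: it shows why a cookie set with `Domain=google.com` reaches foo.google.com but never youtube.com. The function names are hypothetical, `notgoogle.com` is a constructed test host, and the public-suffix check that real browsers add is left out.

```javascript
// Added example: RFC 6265 cookie domain scoping (sections 5.1.3, 5.2.3, 5.3, 5.4).
// Simplified: no public-suffix list, no IP-address hosts, no Path/Secure handling.

// 5.1.3: a host domain-matches a cookie domain if both are identical,
// or the host ends with "." + cookie domain.
function domainMatches(host, cookieDomain) {
  host = host.toLowerCase();
  cookieDomain = cookieDomain.toLowerCase();
  return host === cookieDomain || host.endsWith("." + cookieDomain);
}

// 5.3: decide how a Set-Cookie received from `requestHost` is stored.
// Returns null when the user agent must ignore the cookie.
function storeCookie(requestHost, domainAttr) {
  if (!domainAttr) {
    // No Domain attribute: host-only cookie, bound to the exact host.
    return { domain: requestHost.toLowerCase(), hostOnly: true };
  }
  // 5.2.3: a leading dot in the attribute value is ignored.
  const domain = domainAttr.replace(/^\./, "").toLowerCase();
  // A site can only set cookies for itself or a parent domain.
  if (!domainMatches(requestHost, domain)) return null;
  return { domain, hostOnly: false };
}

// 5.4: is a stored cookie attached to a request for `host`?
function isSentTo(cookie, host) {
  if (cookie === null) return false;
  return cookie.hostOnly
    ? host.toLowerCase() === cookie.domain
    : domainMatches(host, cookie.domain);
}

// Scenario from the question: the login response comes from translate.google.com.
function report() {
  const shared = storeCookie("translate.google.com", ".google.com");
  const hostOnly = storeCookie("translate.google.com", undefined);
  const foreign = storeCookie("translate.google.com", "youtube.com");
  return {
    sharedToFoo: isSentTo(shared, "foo.google.com"),       // sibling subdomain
    sharedToYoutube: isSentTo(shared, "youtube.com"),      // other registrable domain
    sharedToLookalike: isSentTo(shared, "notgoogle.com"),  // suffix without a dot boundary
    hostOnlyToFoo: isSentTo(hostOnly, "foo.google.com"),
    foreignAccepted: foreign !== null,
  };
}

console.log(report());
```

A session on an unrelated registrable domain therefore cannot come from a shared cookie; each such domain has to receive its own cookie in a response it serves itself.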