共享 Cookie 和/或身份验证
多个站点是否可以共享 cookie 或创建“全局”cookie 供多个站点访问?它们共享相同的域,但具有不同的子域。
我们有多个系统,需要一种在它们之间共享身份验证的方法。当用户登录其中一个时,我们希望他们也登录其他用户。
其中一个网站是通过 Magenot 进行身份验证的,因为它是我们的电子商务网站。一个是通过 Wordpress,因为它是我们的内容,另一个是 ASP.Net 站点。它们都通过 Web 服务向 Oracle 后端进行身份验证,但我如何判断用户是否已登录到其他用户之一,如果是,则将其登录到他们正在访问的用户中?
有人知道如何轻松做到这一点吗?
Is it possible for more than one site to share a cookie or create a "global" cookie for multiple sites to access? They share the same domain but have different subdomains.
We have several systems and need a way to share authentication between them. When a user is logged into one, we want them to also be logged in to the others.
One site is authenticated through Magenot as it is our e-commerce site. one is through Wordpress as it is our content and the other is an ASP.Net site. They all authenticate to an Oracle back end through a web service but how would I be able to tell if a user is logged into one of the others and if they are, log them into the one they are accessing?
Anyone know how to do that handily?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
可以为域或子域设置 cookie,因此,您可以通过将其设置为顶级域来拥有全局 cookie。在这种情况下,您需要将每个系统配置为使用顶级域作为其身份验证 cookie 和相同的 cookie 名称。
然而,不同的系统将对其 cookie 使用不同的内容和加密,因此我认为他们无法按照您想要的方式共享 cookie。
A cookie can be set for a domain or subdomain, so yes, you can have a global cookie by setting it to your top level domain. In this case you would need to configure each system to use the top level domain for their authentication cookie and the same cookie name.
However, The different systems are going to use different content and encryption for their cookies so I don't think they can share a cookie in the way you intend.