Page 1 of 1

Cross domain security

Posted: Wed Apr 19, 2006 12:23 pm
by kendall
Hello,

I have build a login system that allows access from one domain to another domain. A theory being planned is to use an iframe or frame set to host the page from the other domain and set a cookie that has both domains so that the cookie can be accessed.

I have usually used session variables rather than cookie based as it is much safer but i'm not sure what my approach is in this instance

please advise me

Kendall

Posted: Wed Apr 19, 2006 12:32 pm
by neophyte
Someone correct me if I'm wrong, but I thought SOAP was the protocol of choice for cross site logins?

Posted: Wed Apr 19, 2006 12:34 pm
by kendall
neophyte wrote:Someone correct me if I'm wrong, but I thought SOAP was the protocol of choice for cross site logins?
Really?...uhm...isn't that some sort of XML thing? well i don't know SOAP but what you think of the scenario...personally im reluctant to undertake this project

Kendall

Posted: Wed Apr 19, 2006 12:41 pm
by neophyte
I've never had to do a multi-site single login before across servers but I think I've heard of it done with SOAP.