According to Wikipedia, A simple version of single sign-on can be achieved over IP networks using cookies but only if the sites share a common DNS parent domain
. This means that if the user has authenticated on login.foo.org
, then the web-server on login.foo.org
issues an authentication cookie for foo.org
domain and the user is able to authenticate on sites like billing.foo.org
or wiki.foo.org
using that cookie. However, could the login.foo.org
make a request to login.bar.org
after a successful authentication and thus the user would get two authentication cookies: first-party cookie for foo.org
domain and third-party cookie for bar.org
domain?
Is it possible to use cookie-based single sign-on authentication scheme if sites do not share a common DNS parent domain?
↧
↧
Trending Articles
More Pages to Explore .....