Hi Jean-Philippe, "BENARD Jean-philippe" <[EMAIL PROTECTED]> wrote .. > Is there a solution for this situation? We are running PHP 4.3.1/4.3.3 > over apache 1.3.27/1.3.28 on Sun systems (SunOS 5.6). > More over, there are some apps writed in JAVA (WebSphere & IBM HTTP SRV) > technologies which are in the same workgroup for political reason (We > can't imagine making them in PHP ...). If the first solution exist > (making a SSO for all PHP apps), is a second solution for PHP/JAVA SSO > could be imagined?
We implemented something like this for Siemens based on SOAP (after wez fixed ext/soap). The first part, a single database for all user data is simple : a) all authentification data is hold in the session b) authentification is done by just one server, the others are served via soap. The second part is a bit more complicated: c) if you are already logged in on one server, you can switch to another server by clicking a special link who establishes a new session on the remote server and gives back a token. then the user gets redirected to a special url on the remote server - using the one-time-token - and he gets connected to the new session d) if c) doesn't work: after b) the server does a redirect to the authentication server, the user gets a cookie there and redirected back. When he switches to another server, the redirect to the authentication server is done again, and, if a cookie exists, a session on the other server is established. Afaik Microsoft uses the d) workflow for passport. Feel free to contact me by PM if you got any questions. best regards, johann -- Johann-Peter Hartmann http://thinkphp.de
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
