If I have one server with multiple domains, what is the preferred method for implementing single sign-on in one domain. I'm currently using the program, you have several million cookies on separate domains, and I'm stuck. In addition to implementing a single SSO, I also need to transfer various cookies to a central domain. As for the various servers, they only have one page, which requires me to show different states depending on whether the user is logged in.
I tried the following:
CORS: Select one domain as the central authorization center. From all other domains, do cross-domain checks to see if the user is logged on. To transfer cookies, find out if there is a current_user object, send it to the client, make a CORS request, sign the user and kill the token. Works great! BUT ... After he built it for 2-3 weeks, TOTALLY FAILS in IE. Even IE11, I notice that this behavior is disabled by default.
tried messing with session storage in
Rails.application.config.session_store
bad luck.
I am currently experimenting with the following:
JSONP: I have someone right now to convert above to JSONP instead, when I try to execute some other parameters:
Set up your own OAUTH provider. As before, it will be the "central domain", if the person is signed, return to the requested domain with the token from which users can make requests. https://github.com/songkick/oauth2-provider
Looking at it, but does it look outdated? https://github.com/rubycas/rubycas-client . I also feel that this could be a solution if I refuse it, but given how far we go into the project, I donβt understand how to transfer the existing cookies. It is also unclear whether this requires two applications to run and run (one for clients, one for auth server).
As I look through each of these opportunities, if anyone has the experience that I am doing, please let me know and save me a lot of work :)
source share