I have two separate servers (s1 and s2) with two separate web applications running. The user is authenticated on s1 and by clicking a link gets redirected to s2. Is it possible to authenticate the user on s2 without having the user enter his/her credentials again?
My first thought was to encrypt a password with a secret key known by both servers and pass the encrypted string with the request. Is that enough? Is there a smarter way to go about doing this?
 _______                                    ________
|  s1   |   GET (with encrypted pw)?       |   s2   |
|       |   ----------------------->       |        |
|_______|                                  |________|
Authenticated                        Need to be authenticated
Thanks.
Yes, you can pass credentials in the querystring or use cross domain cookies.
http://www.15seconds.com/issue/971108.htm
http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari/
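A variation on the shared-secret idea from the question, as an added example that is not part of the original question or answer: instead of sending the password, s1 sends a short-lived, single-use signed assertion of the username, which s2 verifies with the shared key. The function names, token layout, key value and the `s2.example` URL are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets, time

SHARED_KEY = b"constructed-demo-key-known-to-s1-and-s2"  # assumption: provisioned out of band
MAX_AGE = 60          # seconds a handoff token stays valid
_seen_nonces = {}     # s2-side replay cache: nonce -> expiry time


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def s1_issue_token(username, now=None):
    """s1: build the value for the redirect link (hypothetical URL: https://s2.example/sso?t=<token>)."""
    now = int(time.time() if now is None else now)
    claims = {"sub": username, "aud": "s2", "exp": now + MAX_AGE,
              "nonce": secrets.token_hex(16)}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    tag = hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).digest()
    return body + "." + _b64(tag)


def s2_verify_token(token, now=None):
    """s2: return the username, or None if the token is forged, stale or replayed."""
    now = int(time.time() if now is None else now)
    try:
        body, tag = token.split(".")
        expected = hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(tag)):  # constant-time compare
            return None
        claims = json.loads(_unb64(body))  # parsed only after the MAC checks out
    except (ValueError, TypeError):
        return None
    if claims.get("aud") != "s2" or claims.get("exp", 0) < now:
        return None
    for stale in [n for n, exp in _seen_nonces.items() if exp < now]:
        del _seen_nonces[stale]            # drop nonces that can no longer be replayed
    if claims["nonce"] in _seen_nonces:
        return None                        # token was already redeemed once
    _seen_nonces[claims["nonce"]] = claims["exp"]
    return claims["sub"]
```

The replay cache here is in-process memory; with more than one s2 instance it needs a shared store. Anything carried in a query string can end up in server logs, browser history and Referer headers, which is why the token carries no password and expires quickly.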