Passing Info Between Sites

Question

0.00/5 (No votes)

See more:

Hello All,

I am building a sister site to our main site. This sister site is being used to help advertise the company more so to gain better listing with Google. Basically the sister site is just going to have informative static pages that the user can see what we have to offer and what-not. The main thing I am trying to accomplish (once they sign-up) is to allow the user to login from this sister site and authenticate that user then redirect them to our main site. My problem is that I do not know how to do this since Session variables do not go across domains. The page that they will get redirected to uses Session variables of data retrieved from the database (that is unique for this logged in user) to be able to identify this person from every page in the application. What I would like to do is store the needed Session variables from the sister site so that when get re-directed to next required page of main site that everything just works as though the user logged on from the main site. We would like to do this just so the user does not have to click a "Log-in" button from the sister site and then get redirected to our Log-in page of our main site where they will then have to login. Any suggestions on how to do this?

Thanks,

Brad

Posted 5-Jul-11 3:13am

clugsy64

Add a Solution

3 solutions

Solution 2

What you want to do is to pass the user credentials to the main site via an encrypted querystring.

Posted 5-Jul-11 3:39am

#realJSOP

Solution 3

If the two sites are on the same network (or machine), and they can access the same database, it is relatively easy. You can either do as Keith Barrow suggests and store your session in the database and share whole sessions between sites, or you can have a table that both sites look at which is pre-authentication information – i.e. the second site will initialise a session with valid user information if it can find that information from the first site. In this case links from the first site to the second would include some type of token that identified what to look up.

Posted 5-Jul-11 5:12am

BobJanova

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Keith Barrow · Accepted Answer · 2011-07-05T03:32:00

What you want is possible. This[^] is a very good article on session handling. The part that is most relevant to you is here[^], you can store session in an SQL server. This is intended for web-farms/load balanced environments, but it should cover your scenario.

If you can't use the SQL Session Mode, your other option is to hand-roll your own custom provider, described here[^], in this case you can write to any backing-store you like.