Author Topic: Single Sign-On?  (Read 4643 times)

Suzumebachi

  • Minion
  • **
  • Posts: 24
Single Sign-On?
« on: January 17, 2008, 11:00:01 AM »
It's great that you guys have implemented the Titan Key for all the sites under your banner, but I had assumed that this would allow me to log in once and be logged into all the Titan sites. 

Are there any plans to implement a single sign on, so that users of a Titan Key do not have to log into each site separately?  Would it be feasible to use a Titan cookie along side the existing individual login cookies?

Yours in anticipation,
Nick

SuckerPunch

  • Elite Boss
  • *****
  • Posts: 1,608
    • Titan Network
Re: Single Sign-On?
« Reply #1 on: January 17, 2008, 12:23:23 PM »
Unfortunately, that's highly unlikely.  Our sites are still all hosted on separate domains (which don't securely share cookies) and even worse - across separate servers and technologies.

It's something we've always talked about but the hurdles are pretty high.

IceHeart

  • Boss
  • ****
  • Posts: 173
  • a.k.a 'Ice' - Shadow Souls' Top Cat
    • Shadow Souls
Re: Single Sign-On?
« Reply #2 on: April 25, 2008, 03:20:24 PM »
Hmm.. I'm kinda rusty on my web development, but perhaps you could 'ease the pain' a little bit by POSTing the username or "email username" from one server to the next, thus allowing the user to only finish with the password and therefore creating the 'receiving' site individual cookie anyways...

not even 2 cents.. just 1 cent, cuz it maybe wrong anyways... :)
« Last Edit: April 25, 2008, 03:50:57 PM by IceHeart »


SuckerPunch

  • Elite Boss
  • *****
  • Posts: 1,608
    • Titan Network
Re: Single Sign-On?
« Reply #3 on: April 25, 2008, 04:05:45 PM »
It'd be way too easy to hijack that.   We'd have to move everything over to like

*.cohtitan.com

or

www.cohtitan.com/*


* representing the different sites (CGT, CIT, Planner, Faces, etc)

IceHeart

  • Boss
  • ****
  • Posts: 173
  • a.k.a 'Ice' - Shadow Souls' Top Cat
    • Shadow Souls
Re: Single Sign-On?
« Reply #4 on: April 25, 2008, 05:20:45 PM »
Granted, but I was thinking NOT to pass the password.. just the user, make it like a 'remember me from the other site?' kinda thing..
I suppose the email could be hijacked for spammers thou, so may not be the best idea anyway..
oh well - told you it was just 1 cent :)


SuckerPunch

  • Elite Boss
  • *****
  • Posts: 1,608
    • Titan Network
Re: Single Sign-On?
« Reply #5 on: April 25, 2008, 05:40:00 PM »
Just passing the username/email wouldn't be nearly secure enough :/