I would like to suggest a completely different approach to your problem. Instead of copying cookies from one place to another (manual sync), let’s make HttpURLConnection and WebViews use the same cookie storage. This completely eliminates the need for sync. Any cookie updated in any one of them, will be immediately and automatically reflected in … Read more
WAFFLE is a great solution for this. It does not need Kerberos configuration.
We’re using OpenAM. http://forgerock.com/openam.html The OpenAM Cookie means that the user is authenticated. An authentication backend for this is pretty simple. Under 50 lines of code. https://docs.djangoproject.com/en/3.1/topics/auth/customizing/#other-authentication-sources We wrote a little bit of code that makes a RESTful request to the OpenAM server to get the user, group and role information. We then use the … Read more
Another answer gives a way to manually resync the device with the server. I defined a method called fbRsync to call this code. Make sure to #import <Accounts/Accounts.h> in your implementation file and then define this method: -(void)fbResync { ACAccountStore *accountStore; ACAccountType *accountTypeFB; if ((accountStore = [[ACAccountStore alloc] init]) && (accountTypeFB = [accountStore accountTypeWithAccountTypeIdentifier:ACAccountTypeIdentifierFacebook] ) … Read more
There are multiple options to implement SSO for a .NET application. Check out the following tutorials online: Basics of Single Sign on, July 2012 http://www.codeproject.com/Articles/429166/Basics-of-Single-Sign-on-SSO GaryMcAllisterOnline: ASP.NET MVC 4, ADFS 2.0 and 3rd party STS integration (IdentityServer2), Jan 2013 http://garymcallisteronline.blogspot.com/2013/01/aspnet-mvc-4-adfs-20-and-3rd-party-sts.html The first one uses ASP.NET Web Forms, while the second one uses ASP.NET MVC4. If … Read more
I was looking for an official Facebook statement regarding this issue and finally i found this: https://developers.facebook.com/docs/facebook-login/multiple-providers#postfb1, which clearly says that developer should not rely on the fact that email address is verified.
Single sign-on (SSO) is conceptually pretty simple. User hits domain1.com. domain1.com sees there’s no session cookie. domain1.com redirects to sso.com sso.com presents login page, and take credentials sso.com sets session cookie for the user sso.com then redirects back to domain1 to a special url (like domain1.com/ssologin) the ssologin URL contains a parameter that is basically … Read more
The SSO solution that I’ve implemented here works as follows: There is a master domain, login.mydomain.com with the script master_login.php that manages the logins. Each client domain has the script client_login.php All the domains have a shared user session database. When the client domain requires the user to be logged in, it redirects to the … Read more
There is absolutely no way for domain.com to set a cookie for domain1.com. What you are attempting to do can only be solved by getting the user’s browser to submit requests to each domain which will then set its own cookie. Then you need a way for each domain to verify the user’s identity. There … Read more