UBB.Developers Forums UBB.threads 7 Development How Do I? One Cookie file for Multiple server !!

Hi Every one,
Any one can help me to find if it possible to set one cookie file to allow multiple server to access it ??

and this is my example :


server one : www.myserver1.com
server two : www.myserver2.com

my database which have the user table is in server one , and when user logged in from server one, and try to access server two , it's give them unlogged screen !!!

so what i need is to set that one cookie file to allow user who already logged in server one can access server two with out need to sign in again ...

hope u understand my point ....


Thanks in advance
BMH

That's not possible across two different domains. Sorry.

But i am wondring how (MSN & Hotmail & Passport) can do it ??

when you already signed in Hotmail.com ... you can access to Passport.com & MSN.com ?? how that can be possible ?? or they are using different techniques ??

They are using Microsoft's "passport" authentication (not a simple cookie). I'm not sure what it costs to get the license to use their passport service but you could probably spend a good chunck of change to purchase it and then spend another good chunck to have it implimented.

Thank you very much for clearify this issue ...

I dont think my budget enough to have passport authentication ... anyway i will leave it as it is

Thanks

Using sessions and storing the session info into a database would be a way to acchieve this.
Both servers could use the same session database so that you are authenticated on both machines.

This isn't trivial and requires some work. Just want to mention, that it is possible.

One thing to note about Astaran's session suggestion is that you are passing the authentication on your servers. At the moment every time the board needs to retrieve the user number or the languate it queries the cookie which is local to the client. In the session suggestion this will be on the server which will increase the queries on your database, your bandwidth and the load on your server.

If you want to do this with cookies you will need to modify the code quite a bit to use the same cookie. What I was thinking is when the user goes to server 1 the cookie gets created and the user is logged in. When the user wants to access the data on the server 2 then it reads the cookie that the server 1 produces so that it authenticates the user. The name of the cookie 1 can be stored in a variable on the boards. If the authentication information is not found in the cookie produced by server 1 then it will be searched on the cookie of server 2 and vica versa.

The same problem applies if you have your forums at say forum.domain.com and otherpages at www.domain.com - as these are also two different domains in effect.

This might be easier to get round though.

I've hacke my threads to allow for setting the cookie domain as well, and I've set my cookie domain to ".rollspel.nu" so that cookies can be read from both "forum.rollspel.nu" as well as "www.rollspel.nu". Actually it works for any subdomain to rollspel.nu but those are the only ones I use.

I'm not sure if I followed exactly what you meant, but won't the problem with not being able to read cookies from other domains still cause problems?

When logging in, the session info could be saved in the database together with the IP that the user is using, as well as a cookie being set. All pages look for the cookie as before, so when you stay on the same server everything works as before. But if they go to the second server, no cookie exists, so instead the database is queried with session info for the IP of the user and the session info is used to set a new cookie on this domain.

This might be what you meant though. =]

Yep you got it right! Sorry my post might have been a bit misleading - come to reading it again... LOL

Thanks Olle