Re: How to Auto Login from Remote Site?
- Subject: Re: How to Auto Login from Remote Site?
- From: Chuck Hill <email@hidden>
- Date: Thu, 6 Jan 2005 18:29:42 -0800
You might want to take a look at how this works; it is secure:
http://www.umich.edu/~umweb/software/cosign/
Chuck
On Jan 6, 2005, at 11:58 AM, Kieran Kelleher wrote:
I have a customer whose clients have their accounts on their web
application. They want to send authorized users to our site without
them having to log in again at our site. I am thinking of this
approach and I really would appreciate any feedback....
1) I will create no-password accounts on our website with userids
corresponding to the customer's own website.
2) The customer site will redirect its logged-in users to a Direct
Action in my WO app using a secure request with form value key pairs
that they generate based on my spec. The request will be authenticated
using the following criteria for the request:
- It must be a secure https request
- It must originate from the customer's IP address
- It must contain a valid userid
- The request must contain a master passphrase for the customer
Failure of any of these criteria will result in logging the reason it
failed and a Page Not Found error (I don't want to give away details
why the request failed).
Does this sound like a sound secure approach, is there a better design
pattern or am I reinventing the wheel?
________________________________________________________________
Dev Config = OS X 10.3.5 / Java 1.4.2_05 / WO 5.2.3 / XCode v1.5 /
MySQL 4.0.20 / Connector-J 3.0.11
Deploy Config = OS X 10.3.7 Server / Java 1.4.2_05 / WO 5.2.3 / MySQL
4.0.20 / Connector-J 3.0.11
My Blog: http://webobjects.webhop.org/
--
Practical WebObjects - a book for intermediate WebObjects developers
who want to increase their overall knowledge of WebObjects, or those
who are trying to solve specific application development problems.
http://www.global-village.net/products/practical_webobjects
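
The four request checks and the log-then-404 failure path from the quoted proposal, written as a framework-neutral Python sketch. This is an added example, not code from the thread or from WebObjects; the `Request` class, the form key names, the address, the userids and the passphrase are constructed placeholders.

```python
import hmac
import ipaddress
import logging
from dataclasses import dataclass

log = logging.getLogger("autologin")

# Constructed sample configuration; every value here is a placeholder.
CUSTOMER_NETS = [ipaddress.ip_network("192.0.2.10/32")]
CUSTOMER_PASSPHRASE = b"example-master-passphrase"
KNOWN_USERIDS = {"alice", "bob"}


@dataclass
class Request:
    """Hypothetical stand-in for the framework's request object."""
    is_https: bool
    remote_addr: str
    form: dict


def rejection_reason(req):
    """Return None when all four criteria pass, else the reason to log."""
    if not req.is_https:
        return "not https"
    try:
        addr = ipaddress.ip_address(req.remote_addr)
    except ValueError:
        return "unparseable source address"
    if not any(addr in net for net in CUSTOMER_NETS):
        return "source address not customer's"
    # Constant-time comparison; the supplied passphrase is never logged.
    supplied = req.form.get("passphrase", "").encode()
    if not hmac.compare_digest(supplied, CUSTOMER_PASSPHRASE):
        return "bad passphrase"
    if req.form.get("userid") not in KNOWN_USERIDS:
        return "unknown userid"
    return None


def handle(req):
    """Return (status, body); every failure is identical to the caller."""
    reason = rejection_reason(req)
    if reason is not None:
        # The reason goes to the server log only, never into the response.
        log.warning("auto-login rejected from %r: %s", req.remote_addr, reason)
        return 404, "Page Not Found"
    return 200, "session for " + req.form["userid"]
```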