How can we implement Single-sign-on in Extjs4 where there are two different domains
- domain1.com
- domain2.com.
Asked
Active
Viewed 1,885 times
3
David Nehme
- 21,379
- 8
- 78
- 117
Anand Soni
- 5,070
- 11
- 50
- 101
-
By "single sign one", you mean "some kind of way to have the user authenticate once for several sites", right ? Then I'd say it's mostly a server-side issue (sessions) What are your requirements on that side ? Client-side (extjs) : maybe you can leverage Ext.data.proxy.SessionStorage or Ext.util.Cookies – pef Sep 26 '11 at 21:55
-
Thanks for your reply, in Ext.data.proxy.SessionStorage is it possible to access session from another domain? – Anand Soni Sep 27 '11 at 03:31
-
4I don't know. Even if it is, I don't think you should implement single sign on this way : there are security considerations... Really, a server-side solution seems more appropriate : have a look at OpenID – pef Sep 27 '11 at 06:12
1 Answers
2
There are many approaches to Single Sign-On, but it is unlikely that Ext can help you with them. Since the final authentication takes place on the server, your SSO solution needs to focus on how the two servers can confirm the identity of the client.
Here are a few stackoverflow questions
- Here someone suggests OpenID
- If you are using Tomcat, there is a Tomcat feature that may help
- Here someone discusses SSO with LDAP
Anyway the bottom line is (as pef commented) you shouldn't be looking for an Ext SSO solution, you should look at what you're doing on the server and think about SSO from that viewpoint.
Community
- 1
- 1
James Clark
- 1,765
- 13
- 17