
Cross Domain Authentication

I am curious about how cross domain authentication works. For example, to sign into Orkut.com you need to sign in via Google.com. So the authentication happens at Google.com and it sets the cookie. So my question now is: how is Orkut.com able to read this cookie or authenticate the user with no other information?

What can possibly go wrong?

gnosio asked Jun 26 '09 06:06


People also ask

What is cross-domain authentication?

Cross-domain authentication is a common approach in identity management that authenticates users for sites that run on different domains. ReachFive handles this even for browsers that block third-party cookies. Cross-domain authentication is much more streamlined when using SSO.

How do you implement cross-domain authentication?

Using an authentication token should work fine, but consider these points: Use a strong PRNG to generate the token, and generate a long token to prevent brute-forcing. Make sure a used token will instantly be invalidated to prevent replay attacks.

How does SSO work across domains?

The SSO domain authenticates the credentials, validates the user, and generates a token. The user is sent back to the original site, and the embedded token acts as proof that they've been authenticated. This grants them access to associated apps and sites that share the central SSO domain.

What is cross-domain in Active Directory?

Caution: Active Directory cross-domain authentication requires one-way trusts between the domains or forests. However, Data Hub requires two-way trusts between the domains or forests. If it's not possible to provide two-way trusts between the domains or forests, claims-based authentication may be used instead.


2 Answers

This link might be helpful.

http://code.google.com/apis/accounts/docs/AuthForWebApps.html

Keep in mind, Orkut is one of the Google services.

OpenID is another solution, which is actually used in SO.

jimx answered Sep 28 '22 21:09


Orkut is probably using Google's OpenID+OAuth for authenticating users. This means that you probably have a Google identity URL stored in your Orkut profile, and Orkut sends you to Google so that you can verify that the users signing in through the browser do indeed own the Google identity. If Orkut gets verification that you own the identity, then Orkut can safely assign you the authentication cookies for Orkut.

Sean Kinsey answered Sep 28 '22 20:09
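
An added example, not part of either answer and not Google's actual protocol: a minimal sketch of the redirect hand-off described above, combined with the single-use token advice earlier on the page. The relying site never reads the identity domain's cookie; it verifies a signed, short-lived token from the redirect and then sets its own cookie. The shared key, function names and example domains are assumptions.

```python
import base64, hashlib, hmac, json, secrets, time

# Assumption: key shared between the identity domain and the relying site,
# established out of band (constructed for this example).
SHARED_KEY = secrets.token_bytes(32)
_seen_nonces = set()  # relying-site store of already-redeemed tokens


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()


def issue_token(user: str, audience: str, ttl: int = 60, now=None) -> str:
    """Identity domain: runs after the user has logged in there."""
    now = time.time() if now is None else now
    claims = {"sub": user, "aud": audience, "exp": now + ttl,
              "nonce": secrets.token_urlsafe(32)}  # CSPRNG, 256 bits
    body = _b64(json.dumps(claims).encode())
    sig = _b64(hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"  # carried back to the relying site in the redirect


def redeem_token(token: str, audience: str, now=None):
    """Relying site: returns the user id, or None if the token is rejected."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        expected = _b64(hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).digest())
        if not hmac.compare_digest(sig, expected):  # constant-time compare
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return None  # malformed token
    if claims["aud"] != audience or claims["exp"] < now:
        return None  # minted for a different site, or expired
    if claims["nonce"] in _seen_nonces:
        return None  # replay: this token was already redeemed
    _seen_nonces.add(claims["nonce"])
    return claims["sub"]  # caller now sets its own first-party session cookie
```

In a multi-process deployment the redeemed-nonce set would need to live in a shared store with entries expiring at the token's `exp`.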