CodeIgniter Forums
single signon codeigniter with csrf - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forum-5.html)
+--- Forum: General Help (https://forum.codeigniter.com/forum-24.html)
+--- Thread: single signon codeigniter with csrf (/thread-67617.html)



single signon codeigniter with csrf - codeigniter_guru - 03-15-2017

Hi all codeigniter gurus i have some questions about the logic and ideas of how to use a single sign on on codeigniter with csrf?

for example i have a site which is called test.com when i login on this all its subdomain will login as well

payroll.test.com
members.test.com
profiles.test.com

anybody have ideas on how do i implement this on codeigniter? i have tried using an ajax to submit as well but its not working it keeps at 500 i have disable its csrf to false its not working as well any thoughts?


RE: single signon codeigniter with csrf - paulolaconsay - 04-10-2017

Could you send us some code and what you've done so far, regarding your question? We'd really appreciate it if you can narrow things down further.


RE: single signon codeigniter with csrf - paulolaconsay - 04-10-2017

Have you read CodeIgniter's documentation on the Security class? CSRF is covered there already.

https://www.codeigniter.com/user_guide/libraries/security.html#cross-site-request-forgery-csrf


RE: single signon codeigniter with csrf - InsiteFX - 04-11-2017

You would need to pass an encrypted message through a cookie saved on the users system,
then do a auto-login on each sub-domain.

Similar to a remember me cookie.


RE: single signon codeigniter with csrf - Diederik - 04-11-2017

If you want to use SSO within the same domain name (so across different sub-domains of the same domain) then you can easily share the same session between all of them.

config.php:
[php]
$config['cookie_domain']='.test.com';
[/php