CodeIgniter Forums
CI SSO (Single sign-on) Ideas? - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: CI SSO (Single sign-on) Ideas? (/showthread.php?tid=71306)



CI SSO (Single sign-on) Ideas? - kaitenz - 07-31-2018

Hi,

I'm having trouble creating a single sign-on.


What I want to happen is to link my 2 apps so they share a same login credentials. So if User1 logs in to my App1, then if he navigates to App2, he is still logged-in for the rest of his session.

I manage to do a same session name, which is not safe. Setting a fixed session name to all my apps so they can share a same session ID.

Any ideas? Please help. Thanks.


RE: CI SSO (Single sign-on) Ideas? - jreklund - 07-31-2018

We need some additional information.
- Are they sharing the same database?
- Are the databases different but on same server?
- Are App1 and App2 on same web server?
- Are you using database sessions or files?


RE: CI SSO (Single sign-on) Ideas? - kaitenz - 07-31-2018

(07-31-2018, 10:52 AM)jreklund Wrote: - Are they sharing the same database?
Nope. App1 has its own database. Same goes with App2.

(07-31-2018, 10:52 AM)jreklund Wrote: - Are the databases different but on same server?
Yes.

(07-31-2018, 10:52 AM)jreklund Wrote: - Are App1 and App2 on same web server?
Yes. Also on the same domain. But in different directory.

(07-31-2018, 10:52 AM)jreklund Wrote: - Are you using database sessions or files?
Database.


Thanks for the help.


RE: CI SSO (Single sign-on) Ideas? - jreklund - 08-01-2018

Can user login into App1?
Can user login into App2? (separate user table with different username/password)
Or do App2 look in App1 database?

Url looks like this?
domain.com/app1
domain.com/app2

Or like this?
app1.domain.com
app2.domain.com


RE: CI SSO (Single sign-on) Ideas? - kaitenz - 08-01-2018

(08-01-2018, 01:09 AM)jreklund Wrote: Can user login into App1?
Can user login into App2? (separate user table with different username/password)
Or do App2 look in App1 database?

They can login to both apps. But once they logged-in to one app, the user session should also be also available to the other app since they will share the same database for user accounts (separated from App1 and App2 database, because I want to make the user information centralize. So if User1 change his name, then those changes should also reflect to App2).


(08-01-2018, 01:09 AM)jreklund Wrote: Url looks like this?
domain.com/app1
domain.com/app2

Or like this?
app1.domain.com
app2.domain.com

The first one (domain.com/app1 | domain.com/app2)


RE: CI SSO (Single sign-on) Ideas? - jreklund - 08-01-2018

I would do something like this:
http://demianlabs.com/lab/post/multisite-codeigniter-with-sessions-preserved-across-subdomains-using-virtual-hosts/

But keep two index.php files, one in /app1/ and one in /app2/ and manually change application path. No need to add PHP logic like the tutorial.

These should be the same in both application/config/config.php
$config['cookie_domain'] = "domain.com";
$config['sess_cookie_name'] = 'ci_session';


RE: CI SSO (Single sign-on) Ideas? - kaitenz - 08-01-2018

Thanks. I'll try this one.