More information about the Underscore mailing list

[_] multi domain login

Jan Grant jan.grant at bristol.ac.uk
Thu Nov 1 09:56:21 GMT 2007 

On Thu, 1 Nov 2007, Matt Hamilton wrote:

> All the main systems use some kind of variant on this system.  I'm  
> not sure how the big commercial sites like yahoo.com deal with this  
> but I'd imagine they do something similar.  When I go to  
> groups.yahoo.com it already knows me as I logged into mail.yahoo.com  
> earlier.  I've not followed the HTTP requests but I'd imagine it is  
> similar.

Yahoo have it a bit easier because the cookie domain can be set to 
".yahoo.com".

Slapping in an openid provider for your sites is pretty trivial. Hell, 
if you want baroque and fragile, you don't even need a separate single 
place to log in. Permit login on any site and use a crufty set of 
round-robin onward redirects to skip through all related sites looking 
for an established session :-)

(Setting this up is left as an exercise for the reader.)

-- 
jan grant, ISYS, University of Bristol. http://www.bris.ac.uk/
Tel +44 (0)117 3317661   http://ioctl.org/jan/
Goth is the new black.