[wp-hackers] Wordpress SSO
m.witt at ia-sh.de
Wed Nov 28 23:39:45 UTC 2012
Hey at all,
I have the following situation: There are two different wordpress
installs, different domains, different databases, different servers and
I want to establish an SSO mechanism between those two.
All plugins I found so far that match "sso" are in fact doing shared
authentification and no 'real' sso at all, but I want to login to
wordpress A and then surf to wordpress B and still be logged in (or be
automatically logged in to wordpress B in that second).
The only chance I can think of to get the session cookie from wordpress
A is to redirect to wordpress A, check the cookie and then redirect back
to wordpress B (including some handshake to safely pass the information
if the user is logged in), but because I don't know if there even is a
session I would have to do this on every pageload of wordpress B (so
this can't be a real solution ...). Alternatively I could do some crazy
AJAX/CORS stuff on every pageload of wordpress B to get the session
information from wordpress A and then refresh the page if needed ...
I hoped somebody already thought about all this stuff because I don't
have a clue in the moment. So I would be really glad if someone could
share his thoughts about this topic (maybe this is impossible at all and
that's the reason there is no plugin or howto available?) ...
More information about the wp-hackers