问题
we are trying to implement single sign on, across multiple domains, but using the same web application under IIS. We have checked some solutions like SAML and OAuth however we are not sure we need anyone of these two. We dont know how we could share the cookie accross the domains, I dont think it's possible but correct me if I'm wrong.
We have looked at google's solution when you go to youtube and you are authenticated with your google account it pulls out your username and your info, but we have no idea how they do this, because it's another domain so the cookie should not travel to youtube. If you have any suggestions on how to do this they more than welcome.
回答1:
You may take a look at the following blog post in which Jeff Atwood explains the mechanism used by the StackExchange network to support cross domain single-sign-on relying on HTML5 Local Storage. And here are some more technical details.
来源:https://stackoverflow.com/questions/11333446/single-sign-on-using-same-application-but-multiple-domains-asp-net-mvc