coldfusion - sharing data between two sites ( if the request is valid ) -
i'm working on site , has page of documents should accessible members site, , other site has page should accessible members site i'm working on.
at moment beingness done checking http referrer, other site has link www.mysite.com/for-their-members-page/ , if http referrer www.theirsite.com/members/ know valid request site within members area have had sign into, , same other way.
my first concern http referrer can faked, problem depending on users browser or security settings, might not http referrer.
is there solution can verify if request valid - ie coming other sites members area? , vice versa, can verify requests page coming members our site?
thanks help or pointers :)
one "safe" solution utilize coldfusion session variables.
on site a, need have session variable identifies user logged in (say have session.username). have simple authentication check page (check.cfm) this:
<cfif isdefined("session.username")>1<cfelse>0</cfif> site links site b this:
http://siteb.com/page.cfm?remoteid=<cfoutput>#session.cfid#&remotetoken=#session.cftoken#</cfoutput> now site b can check whether user logged site doing this:
<cfhttp url="http://sitea.com/check.cfm?cfid=#url.remoteid#&cftoken=#url.remotetoken#"/> coldfusion railo
No comments:
Post a Comment