I don't think so. Redirects allow the *browser* to send the request to the
server, which will include any relevant authentication cookies. An
arbitrary server-to-server request wouldn't include those cookies.
On Tuesday, May 1, 2012, Joao Leme wrote:
> Could we use webservices instead of redirects for SSO multiples sites with
> different domain? Any sample code? Thanks!
> --
> You received this message because you are subscribed to the Google Groups
> "DotNetOpenAuth" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/dotnetopenid/-/tf2xdZjYV7EJ.
> To post to this group, send email to dotnetopenid@googlegroups.com<javascript:_e({}, 'cvml', 'dotnetopenid@googlegroups.com');>
> .
> To unsubscribe from this group, send email to
> dotnetopenid+unsubscribe@googlegroups.com <javascript:_e({}, 'cvml',
> 'dotnetopenid%2Bunsubscribe@googlegroups.com');>.
> For more options, visit this group at
> http://groups.google.com/group/dotnetopenid?hl=en.
-- --
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre
Thanks Andrew, it does make sense now. What about using an iframe for the redirects? Would that easy the loading time? I was thinking about having the RP checking on every request with the provider if there was a change on the login status. Thanks in advance!
On Tuesday, May 1, 2012 8:46:49 PM UTC-3, Andrew Arnott wrote:
> I don't think so. Redirects allow the *browser* to send the request to > the server, which will include any relevant authentication cookies. An > arbitrary server-to-server request wouldn't include those cookies.
> On Tuesday, May 1, 2012, Joao Leme wrote:
>> Could we use webservices instead of redirects for SSO multiples sites >> with different domain? Any sample code? Thanks!
>> -- >> You received this message because you are subscribed to the Google Groups >> "DotNetOpenAuth" group. >> To view this discussion on the web visit >> https://groups.google.com/d/msg/dotnetopenid/-/tf2xdZjYV7EJ. >> To post to this group, send email to dotnetopenid@googlegroups.com. >> To unsubscribe from this group, send email to >> dotnetopenid+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/dotnetopenid?hl=en.
> -- > -- > Andrew Arnott > "I [may] not agree with what you have to say, but I'll defend to the death > your right to say it." - S. G. Tallentyre
Yes, iframes can be used (with OpenID in immediate mode). But the HTML/JS
required to do so is mostly left as an exercise to the reader. There are
some ASP.NET controls (if you're using web forms) or samples that may help
you (nerddinner.com) in this area. They don't do what you're trying to do,
but they demonstrate some common iframe and js patterns for openid that may
assist you.
On Tuesday, May 1, 2012, Joao Leme wrote:
> Thanks Andrew, it does make sense now. What about using an iframe for the
> redirects? Would that easy the loading time? I was thinking about having
> the RP checking on every request with the provider if there was a change on
> the login status.
> Thanks in advance!
> On Tuesday, May 1, 2012 8:46:49 PM UTC-3, Andrew Arnott wrote:
>> I don't think so. Redirects allow the *browser* to send the request to
>> the server, which will include any relevant authentication cookies. An
>> arbitrary server-to-server request wouldn't include those cookies.
>> On Tuesday, May 1, 2012, Joao Leme wrote:
>>> Could we use webservices instead of redirects for SSO multiples sites
>>> with different domain? Any sample code? Thanks!
>> --
>> --
>> Andrew Arnott
>> "I [may] not agree with what you have to say, but I'll defend to the
>> death your right to say it." - S. G. Tallentyre
> --
> You received this message because you are subscribed to the Google Groups
> "DotNetOpenAuth" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/dotnetopenid/-/nfOPFTtelXUJ.
> To post to this group, send email to dotnetopenid@googlegroups.com<javascript:_e({}, 'cvml', 'dotnetopenid@googlegroups.com');>
> .
> To unsubscribe from this group, send email to
> dotnetopenid+unsubscribe@googlegroups.com <javascript:_e({}, 'cvml',
> 'dotnetopenid%2Bunsubscribe@googlegroups.com');>.
> For more options, visit this group at
> http://groups.google.com/group/dotnetopenid?hl=en.
-- --
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre
