跨域认证 [英] Cross Domain Authentication

问题描述

我很好奇如何跨域认证工作的？例如。要登录Orkut.com你需要通过Google.com登录。所以认证是在Google.com和它设置cookie。因此，我现在的问题是如何做Orkut.com能够读取这个cookie或没有其他信息来验证用户？

I am Curious about how cross domain authentication work? for example. To sign into Orkut.com you need to to sign in via Google.com. So the authentication happens at Google.com and it sets the cookie. So my question now is how does Orkut.com able to read this cookie or authenticate the user with no other information ?

什么能可能出错？

推荐答案

此链接可能会有所帮助。

This link might be helpful.

<一个href=\"http://$c$c.google.com/apis/accounts/docs/AuthForWebApps.html\">http://$c$c.google.com/apis/accounts/docs/AuthForWebApps.html

请记住，Orkut的是谷歌的服务之一。

Keep in mind, Orkut is one of the Google services.

OpenID是它居然在这么用另一种解决方案。

OpenID is another solution which actually used in SO.

这篇关于跨域认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！