跨域验证 [英] Cross Domain Authentication

问题描述

我很好奇跨域验证如何工作？例如。要登录Orkut.com，您需要通过Google.com登录。因此，身份验证在Google.com上进行，并设置Cookie。所以我的问题现在是Orkut.com能够读取这个cookie或验证用户没有其他信息？

什么可能会出错？

解决方案

此链接可能有帮助。

http://code.google.com/apis/accounts/docs/AuthForWebApps.html

请记住，Orkut是其中一项Google服务。

OpenID是SO中实际使用的另一种解决方案。 p>

I am Curious about how cross domain authentication work? for example. To sign into Orkut.com you need to to sign in via Google.com. So the authentication happens at Google.com and it sets the cookie. So my question now is how does Orkut.com able to read this cookie or authenticate the user with no other information ?

What can possibly go wrong?

解决方案

This link might be helpful.

http://code.google.com/apis/accounts/docs/AuthForWebApps.html

Keep in mind, Orkut is one of the Google services.

OpenID is another solution which actually used in SO.

这篇关于跨域验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！