Hi all,

I am trying to accomplish the following.

On domain one I have a password protected section, users log in to this section by a username and password. In this section is a particular page with downloadable stuff on it.

On domain two I also have a protected section, after users have logged in onto this domain I want them to be able to click a link and have access to the particular page on domain one, without the need to verificate themselves once again.

Basically I need to have the .htaccess on domain one configured to that it alows access from domain2.com/page.html

How can I do this?


Thanks to you all for your time!

Add their user and password created in the domain one's htpasswd file possibly? I'm not sure if this would work as I don't or have never set something like this up myself.

I don't think this will work due to the security restrictions on the browsers. They will only sned your username and passwords to hosts that you say it is ok to authenticate to. Imagine that the first page on my site running a custom web server asked you for a username and password and your browser just sent the last one that it used.

If you write the pages with perl or php you could check the referer information but I think that is all.

You might be able to get it working using the Apache modules mod_rewrite or mod_auth_cache. Personally I would go with mod_auth_cache, as mod_rewrite can be a real resource hog. Check out the mod_auth_cache home page at sourceforge:

http://mod-auth-cache.sourceforge.net/

They actually have a very basic how-to on setting up a single sign-on authentication system across multiple domains.

-----Edit------

It doesn't look like they've release a version for Apache 2.0.