Is there any better solutions for single sign on (SSO) functionality - PHP

Question

I working on website application which is developed on laravel 4.2 framework and my website associated to another websites application that are related to.

I want to implement single sign on (SSO) functionality in my application.

Suppose my application : www.example.com

Associated websites are the following :

1. www.testsite1.com
2. www.testsite2.com
3. www.testsite3.com
4. www.testsite4.com

When i logged on to any one of the websites (my application or associated websites).

After logged, hits rest of the websites except (currently i logged websites) then it should not prompt for login means it should allow to enter in the application without logging because i already logged at one application.

Same as, when we logged on gmail account,and go to any account (drive,google plus,youtube etc) then it won't ask for login again,it bypass the login page for application.

Is there any better and feasible solutions for php/laravel ?

Answer 1

May be following steps will help you to achieve single sign on across your different website

1. When the user visit the www.testsite1.com , redirect user to SSO server.
2. Once the user is redirected to the SSO server, check if the cookie exist, as its for the first time there will be no cookie so show the login page which is hosted on SSO server.
3. After getting the credential from the user validate the user
4. If the user is valid, generate a token now this token can be unique hexadecimal number or hash for the timestamps.
5. Set this token into the cookie on the SSO server and redirect the user back to the original site or success page
6. Now when user visit the www.testsite2.com or www.testsite3.com, redirect the user to the SSO server again
7. Once user comes to SSO, check for the cookie, if it exist and not expire then redirect user directly to the success page without asking for login credential again or show the login page and follow the drill again

As we are redirecting the user on the different server, we can set the cookie there with the common name as 'SSOcookie' and every time access the same when coming from different application. This will help you to achieve single sign on for different domain.