I have been developing a single sign on service in my spare time the last 2 years. The main difference to say OpenID, is that my one maintains a constant presence in client sites for the duration of the session, across all sites! Giving the user certain options at all times.
I would love feedback from fellow developers on the concept. The service is just in its infancy and much development is still needed, but the core idea is up and running.
If your interested have a look at coreplexus.com Fuze.
Once you have logged into one site using the service, any other site (that uses the service) you visit you will automatically be logged in.
When you log in it doesn’t log you into everything at that point in time. It’s when you interact with a site that it checks whether your logged in.
Example (all sites use the service):
I log in on site A
I then open up site b, the service can tell im logged in already and tells the site who i am.
I go to site c. it does the same as b
I log off on site c. Any interaction with a or b and the page will say your logged off.
Does this explain it a little better?
Note: At present the behaviour is different when 3rd party cookies are turned off. In this instance it doesn’t pick up the login straight away. As soon as you hit login though the detection is done and it almost looks like they never leave the site. I will probably change this behaviour in the future to make it the same as when 3rd party cookies are enabled. I have noticed a few browsers dont actually honour when you turn 3rd party cookies on or off.
I’m curious about what this does. You’re saying that I’ll be logged in to every username-password site that I could log in to automatically all at once?
If you want to try it. You can use the sites
tracksidefashion.com is just a dummy site (used as an example). As in it doesn’t do anything. But if you are logged in, you will get some extra links showing. This tells you the site knows you are logged in.
Twaboo.com is an actual game site I made for fun.