How hard is it to create a "single sign-on" for multiple websites?

I have this question for you, but let me explain. I have a website who runs a community in vBulletin 3.x, an article portal at (created with WordPress), a games portal at (with AVCMS), etc. I want that when a user register on, basically he’s registered all over the website… so he can login in WordPress, he can login and post with the same user details in vBulletin and finally he can login, play games and earn points palying the games from the system on the games portal. Is this really hard to do? Suggestions? Thanks in advance for any of your replies! :smile:

Note that I’m a pretty noob on PHP.

The login process is really just a matter of authenticating the user and then setting some sort of session token (usually a cookie) to represent that user for the duration of the session.
So you could, as part of the sign-in process on everyone of your sites, set your own cookie that uniquely identifies the user. This would be read by all of your sites and then ‘know’ who this connected user is and that they have already been authenticated by one of your other sites.

DISCLAIMER: It is always a risk to allow any other site authenticate your user; even as in this case where you are in control of those other sites.

1 Like

Then now I have three cookies, one for vB, one for WP and one for AVCM, right? At least when a user register/login.
So, in vBulletin I have this line in config.php:

//    Prefix that all vBulletin cookies will have
//    Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
$config['Misc']['cookieprefix'] = 'ee';

Then I should fine the same script in every software that I have installed and use always “bb”, right?
And what about the database? Wouldn’t be better for me to have a new database where I only store the users informations and then I share these informations trought the others sites?

I don’t really understand this. What do you mean exactly?

as an analogy: would you let in a stranger that claims to be your brother (whether or not you have one doesn’t matter) just because he therefore must be family?

1 Like

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.