I've got a domain and several sub-domain names that need authentication to gain access to. I'm presently using mod_auth to authenticate customers (mod_auth fundamental) in the domain.tld level. Transpire is perfect for single sign-on between your domain and all sorts of the sub-domain names.
Will these qualifications carry onto the sub-domain names instantly, or having a simple vhost config change, or it is possible to better method to get this done?
mod_auth_fundamental
Browsers distinguish areas that need HTTP authentication by a mix of the URL root and also the title from the authentication realm.
Take for instance, two domain names each having a realm with similar title:
http://one.example.com/ with the realm "Please enter credentials!"
http://two.example.com/ with the realm "Please enter credentials!"
First a person visits one
, is requested qualifications and makes its way into them. Then your user visits two
, the browser sees that the URL differs and therefore asks again the consumer on her qualifications.
This can be a positive thing, because otherwise www.badguy.com could arrange it to ensure that your browser transmits over your web banking login.
In a nutshell: there's not a way to resolve your condition with fundamental HTTP authentication and standard HTTP clients.
mod_auth_digest
You could utilize mod_auth_digest rather, owing to that you could specify several URI to stay in exactly the same "protection space". However, with this particular authentication method you will find two new problems:
- It does not scale perfectly, since you cannot use wildcard domain names.
- Browser compatibility isn't as good. (See the documentation regarding how to have great results with IE.)