Hi, Example i had few systems(all deployed by Yii) with same directory wwwroot/XX
"user" already login in main systems,
My question is it possible when "user" click redirect link from main system to systems A, B, C without login again?
because i want to try reduce login step and security.
My solution now is all the redirect link from "main systems" will keep that user id and password(encode) to "site/redirect"
this "site/redirect" controller setting same with user identify.
I assume you store your sessions in cookies.
Do you use distinct domains for your different systems? If they lie on the same tld and are accessed using subdomains / different paths, you could force Yii to set the cookies so they apply for all of your systems.
But you could also implement an interface in all of your systems like: autoLoginImage.php?user=myUser&mySecretHash=…
where mySecretHash is a hash of the userName, the hash of the requested system, and something else like the current hour. When requested, this script will return a tiny 1x1 image nobody cares and set the yii session cookie for its domain. If a user logs in in one system, simply display a 1x1-image for each of the subsystems. Thus you do not need a redirect and the user can also close your site and open a subsystem directly.
Configure your session with CDbHttpSession and use "Sessions" database table for all your application by configuring.