I have two websites, one driven by ASP.NET and the other in PHP. The PHP site is hosted on a relatively inexpensive host provider (unlimited bandwidth and disk space for $10 a month). The PHP site also provides REST URLs which would help me in monetizing my website.

The other site (the 'main' site, as it were) is an ASP.NET website which houses the login mechanism. My goal is to allow users to log in to the ASP.NET site and then be redirected to the PHP based domain. Is there an easy and feasible solution that accomplishes this?

I have a few questions with regards to that approach:

How would I pass session information and variables from the ASP.NET Application to the PHP based application, to facilitate the aura of 'Single Sign On'?

Would a 'simple' cookie be able to handle this scenario? Or would I need to use encrypted query strings?

There is no 'sensitive' data on these sites, so securing user data isn't a top priority. The site was built 'for fun'.

Are there hosts that allow subdomains to be hosted on a different language platform than the main domain? If I had www.example.com hosted on an ASP.NET server, could I have a subdomain (forum.example.com) hosted on a PHP server? Is this possible?

Any help on this is greatly appreciated.

A: 

I would go for a cookie if both sites are on the same domain. One advantage of cookies over encrypted strings is that they are automatically passed between requests and you don't have to think about them when building your urls. One downside of cookies is that they can be disabled by users.

Darin Dimitrov
+1  A: 

Although more complex, I would go with the same methodology as the OpenID spec and use the Diffie-Hellman exchange. This allows two parties with no prior trust to establish a trust for a certain period of time.

Info for PHP

Info for VB.NET

Jeff.Crossett
A: 

Store the sessions in a database and create / use a session-type which is cross-platform. You might have to do it yourself. But you should know that passing sessions etc. between different languages like this can be dangerous (security-wise).

Filip Ekberg
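
As an added example (not part of the question or of any answer above): the question's query-string handoff from the login site to the PHP site, written in Python for both sides so it runs as-is. The same HMAC-SHA256 and constant-time comparison are available as `HMACSHA256` in .NET and `hash_hmac`/`hash_equals` in PHP. The pre-shared key, the `sso` parameter name and all function names are assumptions.

```python
import base64, hashlib, hmac, json, secrets, time

# Assumption: one secret provisioned out of band on both sites (constructed value).
SHARED_KEY = b"constructed-demo-key-replace-me"
MAX_AGE = 60       # seconds a handoff link stays valid
seen_nonces = {}   # receiving site: nonce -> expiry (a shared table in practice)

def b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(body):
    return hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).digest()

def issue_token(user, now=None):
    """Login site: value for the hypothetical ?sso= parameter of the redirect."""
    now = time.time() if now is None else now
    claims = {"sub": user, "exp": int(now) + MAX_AGE,
              "nonce": secrets.token_hex(16)}
    body = b64(json.dumps(claims, sort_keys=True).encode())
    return body + "." + b64(sign(body))

def verify_token(token, now=None):
    """Receiving site: return the user name, or None if the token is rejected."""
    now = time.time() if now is None else now
    try:
        body, tag = token.split(".")
        # Check the MAC before parsing anything the client could have altered.
        if not hmac.compare_digest(sign(body), unb64(tag)):
            return None
        claims = json.loads(unb64(body))
    except ValueError:
        return None                      # malformed token
    if claims["exp"] < now:
        return None                      # link too old
    if claims["nonce"] in seen_nonces:
        return None                      # replayed link
    seen_nonces[claims["nonce"]] = claims["exp"]
    return claims["sub"]                 # caller now starts its own local session
```

The token is signed, not encrypted, so the user name is readable in the URL; the signature, expiry and single-use nonce are what stop a visitor from editing or reusing the link.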