Inter Site Communication: How to communicate authenticate users registerd on Site A to/with Site B?

Question

I have a situation where there are 'n' number of users registered on Site A. After the user has utilized the services on Site A, he/she is re-directed to Site B to access the services hosted at Site B. How can the application on Site B ensure/verify that the user is an authenticated user at Site A and not a rogue re-direct request.

There is a possibility of using Federated Identity. However, I am looking at some other solution.

Could someone direct me as to where I should start looking to enable such a service/feature.

The application hosted on Site B is developed in JAVA. Definitely the communication is independent of the technology,however it would be an added advantage to use JAVA cause of the skill set.

Answer 1

This topic is generally called single sign on, for which there are many, many solutions and the full topic is really beyond the scope of a single answer here.

It depends on a lot of factors, what technology stacks you need/want to use, etc etc etc.

I've done some work with Oracle SSO. It's kind of annoying actually and you have to intercept HTTP requests for custom headers to authenticate users, etc.

Some projects worth checking out are JOSSO and CAS.