Can i include login from aspx site into php web page?

[rich_traff]

I have 2 websites, a companies main website written in PHP and a web application they have purchased written in aspx

 

(main site)

www.example.com

 

(web app)

www.webapp.com/login.aspx?CompanyName=example

 

The client wants people to be able to login from their main website which then redirect to the webapp (which will be styled like their branding) without the customer realising they have left the main site.

 

I thought i may be able to achieve this with a simple include from a page within the main site such as;

<?php
// www.example.com/software

include"http://www.webapp.com/login.aspx?CompanyName=example";
?>

This pulls in the login page fine, however when you try to login it does not redirect, it gives a 404 error as it trys to open this URL

http://www.example.com/software/login.aspx?CompanyName=example

 

Is there a way of pulling in the necessary html from the aspx site to provide a login box in my clients main site but then have it redirect to the correct aspx page (on the aspx site)?

 

I have thought about using an iframe, but that wont redirect to the webapp upon login, but just keep everything withing the iframe

 

thanks for any advice...

[teynon]

You have a couple of problems with what you are trying to do here.

 

1) You are creating a gaping hole for malicious users to jump straight into.

 

2) You are trying to log someone in on a different server. This means that even if you get them to log in, how are you going to verify on the rest of the pages that they are indeed logged in?

 

Your best bet is to recreate the login on the PHP side and connect to the database the ASP site is using via PHP on the backend. You shouldn't be sending any type of login information from a browser on Server X through their browser to Server Y.

[rich_traff]

Yeah i see you point, thanks for tip, il rethink the approach...

[ManiacDan]

Look at single-sign-on implementations like SAML and other SSO.