ayoksus Posted September 11, 2012 Share Posted September 11, 2012 Hi, I've made a kind of login portal where a visitor can login to a specific site from my site. I only create a login form in my site with the exact input field name with that other site. It works fine, people can login from my site. However, if members, after login, go logout, they cannot login back again, because the site does not remove the last session. So visitors cannot login back after logout from that site. I've asked this third party how can it's possible for the members to login back. They said that I need to remove the cookies on the client side. But how can I remove cookies from other site? Thanks in advanced. Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted September 11, 2012 Share Posted September 11, 2012 Give us a link to this portal, please. Quote Link to comment Share on other sites More sharing options...
ayoksus Posted September 11, 2012 Author Share Posted September 11, 2012 Thanks! This is the link: https://start.exactonline.nl/docs/MenuPortal.aspx Quote Link to comment Share on other sites More sharing options...
ayoksus Posted September 11, 2012 Author Share Posted September 11, 2012 anyone? Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted September 11, 2012 Share Posted September 11, 2012 No, you can not delete cookies from another site! It smells like cross-site scripting (XSS) Quote Link to comment Share on other sites More sharing options...
Jessica Posted September 11, 2012 Share Posted September 11, 2012 If you're allowed to be doing this, look into SAML. If you're not, we're not going to help you break the TOS of another site. Quote Link to comment Share on other sites More sharing options...
ayoksus Posted September 11, 2012 Author Share Posted September 11, 2012 Yes we are allowed to do this, cos we're a partner. Do I need to do that with SAML? Quote Link to comment Share on other sites More sharing options...
ayoksus Posted September 12, 2012 Author Share Posted September 12, 2012 I can create cookie.txt with curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); but I don't know how to read it.. # Netscape HTTP Cookie File # http://curlm.haxx.se/rfc/cookie_spec.html # This file was generated by libcurl! Edit at your own risk. #HttpOnly_start.exactonline.nl FALSE / FALSE 0 ASP.NET_SessionId y00hrl456hug0o3cyv0y4uye #HttpOnly_start.exactonline.nl FALSE / FALSE 0 ExactServer{27bbvf83-8f8l-43jg-bjh8-005rt46335e7} Division=754437 #HttpOnly_start.exactonline.nl FALSE / FALSE 0 ExactOnlineLogin 4750C681E32F0447F6DED886F45645137C3983DD6664AE7020CCE520D06F9C0F4A37173E282643BCFB0404A076AC6719BD56B3E74F5C0EF834F74DFD10244BF2B2F53E45B073C04FCA2266D8935C0C8131D22DAC094AA3E7631DAD3F6B51E5CA191629987EC179FAF0A4C1B31419A1988713D04353HFH54645646j29DB4EA39213AF20610922860CCCA5D88D61406357482237A47549E58831DF7F0B7BFD24C2E31AC2F2B11617CB1FA2148DB47879AF303C835D44945D5E457E44770FB3ECFE9D936C403E7489128B538DC0817631845B3F137D48EAB5CC75444AA3D8B33D64D3A06B52394602D21CE5F471B9114B78C53325BB18E761D4 start.exactonline.nl FALSE / FALSE 0 BIGIP-F5 20167890524.20324.0000 Can someone please help me? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.