How to Make Single Sign On System (SSO) Using Php – One Login for Multi Sites

Google having one login system for all of their own products as Youtube, Gmail and etc. So as every website owner want this type of single login system in their multi websites. As many extensions and scripts are available, but they are li’l bit costly. So here i have decided to share about How to make Google Style SSO (Single Sign-On) System using php. You can implement this free solution in your wordpress, joomla, magento and drupal hosted website. We also call this solution one login for multi-websites or multi domains. Here we will learn how we can create a single session and access all websites by just one time login. But Before starting a code portion of this tutorial, i want to share some information about SSO.

How to Make SSO Single Sign On System In Php
How to Make SSO Using Php

What is SSO (Single Sign-On System) ?

SSO is an access control property where a user login with a single user id and password to get access of different – different but connected systems, without using different credentials for each system. It accomplished by LDAP ( Lightweight Directory Access Protocol) and LDAP database. Doing this thing possible and easy but keep in mind all domain should have same DNS (Domain Name Server). It’s a easy and reliable way to logins into different system by just one login.

What Is Single Sign Off (SSO) System ?

SSO (Single Sign On) system have another property which called as Single Sign Off system, the property have a facility of single sign off or logout, means if user sign our from one system, user will automatically signed off from all systems or websites. At this moment on web there are too many services which provides one login system but all website don’t have integration of their api. Such as if you want singe sign on system using facebook, you need to integrate facebook login api to do this task.

What security issue may occur ?

As we are working on an important part of user of any website or system. So we need to do care about few things on it, because user data is much important for all of website users and owners. So if you are a programmer you need to do care about website and user data. According to a report of march 2012 a vulnerability disclosed about phishing which was named as “Covert Redirect”. So after reading this vulnerability I wanna say you something here if you are generating a ticket or TGT (Ticket Granting Ticket) to access and authenticate credentials of user so don’t return too much data of users. Just make a private session for each user by this ticket. So we will care about this thing in our code.

How to Make Single Sign On (SSO) and Single Sign Off System in PHP

So do you know how we will create sso using php, Trust me! you don’t need any programming skills to make it possible. Just drag and drop system here, really it’s too easy. Non Programmer can do this. Hmm interested so do you know how can you make this possible. Ok! it was a bad joke i know 🙂 but you really need good programming skills to create it. So let’s start learning Development of SSO (Single Sign On) System in php.

What is my Methodology to Make it Perfect & Easy SSO :

Here I am creating an access token, and different different databases for all my two other sites. So here are 3 sites SSO DEMO, SSO Forum and SSO Shop. All three website having different different features and their own databases, So during development of this system I thought, it can be use in old sites, means if you have lot’s of registered users in your websites, so How to use this SSO System for Existing Sites, So after a wide research i got two answers, One is we can merge all users to a database, but how it will work if all sites having different different CMS, or script. So I thought better to make  it for different different databases. But the best way for startup i will recommend create a Master Database which will include Authentication data and user data table, as Google’s accounts.google.com sub domain (It’s just a guess about google, I don’t know what they do). So here you have to create a Master site and other child sites.

Note : I Recommend This Can Be Use In Production, But As Few Days ago Some Hackers Said “Security is an Illusion :)” It’s something like that. Make it much secure on your end.

Finally here i am going to introduce my codes and way to make a SSO using PHP.

How to Make SSO In PHP & Integration:

To make a perfect sso system you have to care about, your users data and prevent it from data Stolen, I recommend no Scrapping Please 🙂 , Let’s Start to make it with php code.

Directory Structure:


|-> Master Site's root (Mine is sso-demo.infotheme.in)

|          |-> index.php

|          |-> auth-access.php

|          |->app_config.php 

--------------OR--------------- 

|          |-> one-login.php 

|          |-> one-time-register.php

|          |-> auth-access.php

|          |->app_config.php

--------For Child Sites---------

|-> All Child Sites root

|          |-> app_config.php
|          |-> auth-access.php

Index.php :  Can Includes Login and Registration Form, Or you can change it’s path and file name according to your requirement

In this SSO system our app_config.php file is God.

Step 1: First you have to create an one-login.php file, over your master site, Which will be similar to this.


<h1 class="sso_community_heading">One Login For All Sites</h1>


<div class="inner_wrapper_flex">

<h3>One Login For All Sites</h3>


<div class="app_sites_links">
<a href="Your Master Site's Home Page URL">SSO DEMO</a>
<a href="Your First Child Site's Home Page URL">SSO FORUM</a>
<a href="Your Second Child Site's Home Page URL">SSO SHOP</a>
</div>


<div class="app_login_form_wrapper">

<form class="app_login_form" name="app_sso_login_form" id="app_sso_login_form" action="" method="post">
<input type="email" name="app_login_email" class="app_login_email" id="app_login_email" value="" placeholder="Email" autocomplete="off"/>
<input type="password" name="app_login_pass" class="app_login_pass" id="app_login_pass" value="" placeholder="Password" />
<button type="submit" name="app_login_action" class="app_login_action" id="app_login_Action">Login</button>
</form>

<a class="app_related_link" href="?step=register">Create New Account</a>
</div>

</div>

So here in this step you have created an Login Form to Login with all websites.

Step 2: Now it’s time to create a php file with single register form for all website. In this section, you need to care about all websites database, means you have to add all mandatory fields here, according to database user table. So as i have added only 4 Fields which are mandatory to all my 3 websites.


<div class="inner_wrapper_flex">

<h3>Create One Account For All Sites</h3>


<div class="app_sites_links">
<a href="Your Master Site's Home Page URL">SSO DEMO</a>
<a href="Your First Child Site's Home Page URL">SSO FORUM</a>
<a href="Your Second Child Site's Home Page URL">SSO SHOP</a>
</div>


<div class="app_reg_form_wrapper">

<form class="app_reg_form" name="app_sso_reg_form" id="app_sso_reg_form" action="" method="post">
<input type="text" name="app_reg_name" class="app_reg_name" id="app_reg_name" value="" placeholder="Full Name"/>
<input type="email" name="app_reg_email" class="app_reg_email" id="app_reg_email" value="" placeholder="Email Address"/>
<input type="text" name="app_reg_skills" class="app_reg_skills" id="app_reg_skills" value="" placeholder="Your Skills"/>
<input type="password" name="app_reg_pass" class="app_reg_pass" id="app_reg_pass" value="" placeholder="Create A Password"/>
<button type="submit" name="app_reg_action" class="app_reg_action" id="app_reg_Action">Create Account</button>
</form>

<a class="app_related_link" href="Your Login Link Here">Login to Your Account</a>
</div>

</div>

Conclusion – SSO System In PHP

So guys, as we learned here lot’s of things about SSO (Single Sign On System) and Single Sign Off System in PHP. But as I am still working on the code of SSO System, and it’s a biggest project for me. So Please keep in touch I will come here with next part of “How to Make SSO (Single Sign On) and Single Sign Off System In PHP“. Rest I develop it completely please comment and give your feedback to me, please also mentioned on which cms you want this script. I will come with complete package of SSO soon.Have a nice coding 🙂

5 Replies to “How to Make Single Sign On System (SSO) Using Php – One Login for Multi Sites

  1. Hey Rahul! Thanks dude to share this information, I loved this, please complete it asap, i want it asap. I have a project of college to make sso in php, please help me. I already pinged you over your fb page.

    Thanks
    Henary

  2. You are better off using a pre-built package that is security hardened than rolling your own SSO solution. Something like this one, Security is hard to get right. Depending on your skill level, Barebones SSO can be a bit difficult to set up but it is the best enterprise-grade product out there and is also free, open source software.

  3. Hey Rahul! Thanks, It’s really nice to learn about sso but where is code men, I am waiting for code, and please also make it free / open source.

    Thanks In Advance!

    1. Hey pinty! thanks for your feedback, Yeah I am Working on SSO System In PHP, and very soon the code of SSO in PHP will be available here

Leave a Reply

Your email address will not be published.