I had a programmer create a portal software for our website. It includes, among other things, the ability to login to an admin area to manage the portal in a kind of CMS format.

Later we added a banner ad management software to the portal. It has it's own login credentials, but we added the link to that admin area in our CMS section. The tables for this software are listed in the same database as the portal. We even specify the same username/password. However we do not want to continue to have two seperate logins.

Is there a way to keep the banner ad management area password protected using the accounts located at our portal software? If so, what's the easiest way to go about this? I understand it's hard to say not knowing the code, but I guess I am first asking if it's an easy task.

TIA, Ben

If the same database has been used for both the portal and banner ad management, then it'll be a simple matter of changing the table name in the banner ad code.
You'll need a coder to ensure that it's done properly, as field names etc may differ between the two tables.

If the same database has been used for both the portal and banner ad management, then it'll be a simple matter of changing the table name in the banner ad code.
You'll need a coder to ensure that it's done properly, as field names etc may differ between the two tables.

What the heck are you talking about? People, I will not stop policing this forum. Please, refrain from spending your and our time on giving advices when you don't know anything about issue.

Now, about this issue.

bhafer, you need to apply Single Sign-On (SSO) technique to resolve this problem. It's a typical problem in big, distributed environments. If URIs of both applications are on the same domain you can use session cookies to pass username/userpassword from one app to another. You can also decode HTTP Authentication field in the header. You can use a combination of both. The problem arises if you will need to pass credentials between different domains. The only adapted solution here is application of SAML (subject of different conversation).

Peter.

This will only be on the same domain. With that said, just adjusting/creating session cookies should fix this problem without any adjustments to the code?

This will only be on the same domain. With that said, just adjusting/creating session cookies should fix this problem without any adjustments to the code?
No, I didn't say so. Most likely you need to change code. Now there is a one more way to deal with user credentials. It's to rewrite URL for second apps with user credentials as URL parameters.

Peter.

If your banner management application uses a cookie to track logins, then you could have an easy way out by just setting a cookie with the same credentials from the CMS login application.