Tags: php, mysql, single-sign-on, simplesamlphp, godaddy-api

SSO across multiple websites (multiple databases)


I'm slightly losing my mind here, and I would really like some help to get me pointed in the right direction.

I'm using a shared Linux server on GoDaddy where I have two PHP websites with separate user logins authenticating against two separate MySQL databases. What I'd like is for a user to log into Site 1 and then be automatically logged into Site 2. And when they log out of either site, they should be logged out of both sites.

I currently have SimpleSAMLphp installed and I'd really appreciate some guidance on how to set up the IdP and SPs. Am I right in thinking that Site 1 and Site 2 are the SPs?

Any guidance would be greatly appreciated; this is my first ever SSO setup and I'm just a little lost.


Solution

  • To implement single sign-on you need something common to both websites to authenticate against. Cookies won't help, as there are two different sites and it is not good to expose your cookies to another website.

    In general, SSO is implemented using a central server which handles the authentication data.

    Basic steps are as follows:

    1. For login, the user is redirected to the common server and the credentials get verified.

    2. The central server sets the cookie for the login.

    3. When your other website needs a login, it checks with the central server again using a redirection.

    4. Then the central server checks the cookies and authenticates, or redirects to the login page if the user was not authenticated before.

    So, you can configure a central authentication server which checks authentication and provides the appropriate response, and both websites handle it accordingly.

    But the central server needs a common user database, which in your case you clearly lack. So you can declare one of the websites as the central or principal resource and expose APIs to the other website, which will use its user base to verify the details.

    Let one website handle the login process. If the other needs authentication to be done, it will redirect the user to the main website and then handle the return response.

    There is a lot to cover in theory, but I hope it helps.

    Useful links:

    1. Building and implementing a Single Sign-On solution

    2. Basics of Single Sign on (SSO)
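The four-step redirect flow from the answer, written out as an added example (this is not code from the question, the answer, or SimpleSAMLphp). Site 1 plays the central authentication server because it owns the user database; Site 2 never sees a password, only a short-lived ticket signed with a secret both sites share. The function names, the `SSO_SHARED_SECRET` and `SSO_CONSUMERS` constants and the `site1.example`/`site2.example` hostnames are assumptions for illustration; the secret must be a long random value kept in server-side configuration on both sites.

```php
<?php
// Added example, not from the question or answer: the answer's redirect-based
// SSO flow with Site 1 as the central server and Site 2 as the consumer.
// Assumed names: sso_issue_ticket, sso_verify_ticket, SSO_SHARED_SECRET,
// SSO_CONSUMERS and the example hostnames. Requires PHP 7.1 or newer.
declare(strict_types=1);

const SSO_SHARED_SECRET = 'PLACEHOLDER-replace-with-32-or-more-random-bytes';
const SSO_MAX_AGE       = 120;   // seconds a ticket stays valid: enough for one redirect
// Allowlist of consumer sites and where each may be sent back to (avoids an open redirect).
const SSO_CONSUMERS     = ['site2' => 'https://site2.example/sso_return.php'];

function b64url_encode(string $s): string
{
    return rtrim(strtr(base64_encode($s), '+/', '-_'), '=');
}

function b64url_decode(string $s)
{
    $std = strtr($s, '-_', '+/');
    $std = str_pad($std, strlen($std) + (4 - strlen($std) % 4) % 4, '=');
    return base64_decode($std, true);   // string, or false on invalid input
}

// Steps 1 and 2 on the central site, after the password matched its own users table.
// "aud" pins the ticket to one consumer, "state" echoes the random value the consumer
// started the flow with (anti-CSRF), "iat" bounds the ticket's lifetime.
function sso_issue_ticket(string $userId, string $audience, string $state, int $now): string
{
    $body = b64url_encode(json_encode(['sub' => $userId, 'aud' => $audience, 'state' => $state, 'iat' => $now]));
    $sig  = b64url_encode(hash_hmac('sha256', $body, SSO_SHARED_SECRET, true));
    return $body . '.' . $sig;
}

// Step 4 on the consumer site: verify everything before trusting "sub".
// Returns the user id, or null with $reason set so the caller can log the rejection.
function sso_verify_ticket(string $ticket, string $audience, string $state, int $now, ?string &$reason = null): ?string
{
    $parts = explode('.', $ticket);
    if (count($parts) !== 2) { $reason = 'malformed'; return null; }
    [$body, $sig] = $parts;
    // Signature first, with a constant-time compare, before parsing anything else.
    $expected = b64url_encode(hash_hmac('sha256', $body, SSO_SHARED_SECRET, true));
    if (!hash_equals($expected, $sig)) { $reason = 'bad signature'; return null; }
    $json   = b64url_decode($body);
    $claims = $json === false ? null : json_decode($json, true);
    if (!is_array($claims) || !isset($claims['sub'], $claims['aud'], $claims['state'], $claims['iat'])
        || !is_string($claims['sub']) || !is_string($claims['state']) || !is_int($claims['iat'])) {
        $reason = 'malformed'; return null;
    }
    if ($claims['aud'] !== $audience)            { $reason = 'wrong audience'; return null; }
    if (!hash_equals($state, $claims['state']))  { $reason = 'state mismatch'; return null; }
    if ($claims['iat'] > $now + 5 || $now - $claims['iat'] > SSO_MAX_AGE) { $reason = 'expired'; return null; }
    $reason = null;
    return $claims['sub'];
}

// --- Wiring into the three pages; each page calls session_start() first. ---
// Site 2, /login.php (step 3): remember a random state, then send the browser to Site 1.
function site2_start_login(): string
{
    $_SESSION['sso_state'] = bin2hex(random_bytes(16));
    return 'https://site1.example/sso.php?' . http_build_query(['aud' => 'site2', 'state' => $_SESSION['sso_state']]);
}

// Site 1, /sso.php: called only once Site 1's own session says the user is logged in
// (otherwise show the login form and return here afterwards). Returns null for unknown consumers.
function site1_redirect_back(string $userId, array $query): ?string
{
    $aud = (string) ($query['aud'] ?? '');
    if (!isset(SSO_CONSUMERS[$aud])) { return null; }
    $ticket = sso_issue_ticket($userId, $aud, (string) ($query['state'] ?? ''), time());
    return SSO_CONSUMERS[$aud] . '?' . http_build_query(['ticket' => $ticket]);
}

// Site 2, /sso_return.php: verify, then open Site 2's own session for that user.
function site2_finish_login(array $query): bool
{
    $uid = sso_verify_ticket((string) ($query['ticket'] ?? ''), 'site2', (string) ($_SESSION['sso_state'] ?? ''), time(), $why);
    unset($_SESSION['sso_state']);              // one-shot value, consumed whether or not it matched
    if ($uid === null) { error_log("SSO rejected: $why"); return false; }
    session_regenerate_id(true);                // fresh session id after the privilege change
    $_SESSION['user_id'] = $uid;                // map $uid to Site 2's own users table here
    return true;
}

// Self-check when run from the command line: php sso_example.php
if (PHP_SAPI === 'cli') {
    $now = time();
    $t  = sso_issue_ticket('42', 'site2', 'abc', $now);
    $ok = sso_verify_ticket($t, 'site2', 'abc', $now) === '42'
        && sso_verify_ticket($t, 'site2', 'other', $now) === null       // state mismatch
        && sso_verify_ticket($t, 'site1', 'abc', $now) === null         // wrong audience
        && sso_verify_ticket($t . 'x', 'site2', 'abc', $now) === null   // tampered signature
        && sso_verify_ticket($t, 'site2', 'abc', $now + 600) === null;  // stale ticket
    echo $ok ? "self-check passed\n" : "self-check FAILED\n";
}
```

For the logout half of the question, the same structure applies in reverse: Site 2's logout page destroys its own session and then redirects to Site 1's logout page, which destroys the central session. Neither site can clear the other's cookie, so each one clears its own as the browser passes through, and Site 1 should only redirect back to an address from its consumer allowlist.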