Sharing authentication between ASP.NET and WordPress
I had a similar problem, where I had an ASP.net application (third party) and a PHP application (built in-house). I have modified the ASP.net application with just a few lines of code, so that it worked like this:
- User logs to the ASP.net application
- The ASP.net application sets a session cookie (this is automatic)
- Modification: the ASP.net adds a row to the database with the session ID (which is in the cookie) and the username
- The PHP application reads the ASP.net session cookie and gets the session ID
- The PHP application searches the DB for the session ID and if it is found, it automatically associates the session with the username found
I also added an expiry time for the sessions, to minimize impersonation possibilies...
There are two different server side scripts and it is hard to create by-directional authentication. Since WP uses cookies, you might try to authenticate users against cookies. creating a mechanism that check if there is valid WP cookies in users machine and then read from cookies to authenticate users.