| 摘要 |
If a plurality of services in the same domain is provided as a plurality of subdomains when a cookie is used in web service, the cookie with a domain scope for a subdomain may not be shared by the services. Meanwhile, if the domain scope is equivalent to the overall domain, a cookie may be obtained for service unavailable for a user, which may disadvantageously reduce security. The authentication server receives access to the server from a terminal and confirms whether the terminal has an authorization to use the services provided by the subdomains in the same domain. If the terminal has the authorization, a cookie is issued with a scope of use for the subdomains to the terminal. If the terminal does not have the authorization, a cookie is issued with a scope of use for the subdomain of the authentication server to the terminal. |
