I have two web applications, of different technologies, one is developed in cold fusion and the other in Asp.net.
Both applications have authentication implemented. The usernames for both applications are same where as the password differ.
So here is what i wanted to do, i log-in to my cold fusion application and when i click on a particular button it has to navigate to Asp.net application, without asking me to log-in again to this application.
This is how i came up with the solution, i passed the username from cold fusion app on button click as querystring to asp.net url, where it checks if it has keyed querystring and if username exists then log-in to the Asp.net app.
It looks something like this http://xxxxxx.com?username=xxx But passing username as querystring is not secure, what can be done to make it secure? I'm thinking of encrypting the querystring, can this be done? or should i follow another method to do this login navigation.