Common login for multiple sites. HOW?

[deleted]

I have several sites (domains) that have allow users to login based on a user/password verification.

I setup up a session once the correct login info is received via a login, at which point I set a cookie that keeps the verifies the user for weeks to come.

All the sites (domains) currently share the same user base and basically access the same user database to authenticate the login credentials.

The issue is that if a user logs in at domain FOO.com the user browser get a session cookie set for that domain. Now if the user goes to site BOO.com, of course we cant read the cookie that is set on the users browser for site FOO.com, so we don't get the session cookie and there for would have to login to this site/domain seperately.

So how would one go about implementing something where we could pass a session id/variable between various domains. I guess it is part of the spec that we can't just read any domain cookie from a browser due to obvious security reason.
Is there a way of possible setting up a third party domain page for reading and setting this session key and then accessing it somehow from the two Foo.com and BOO.com domains.

Hope this makes sense. But I guess I'm looking to understand and figure out a way to set up a Passport like setup for all my sites.
Any info, ideas would be totally appreciated.
Thanks

mrblom

I'm not sure about this, but if I'm not wrong the thing you're describing should work if all the sites are on the same server.

I once registered a session variable,
let's say $user on one domain.
Later i checked it out on anoter domain using session_is_registered()... and yes... it worked.

But only as long as session was registered on the same server.