Cross domain session

psmshankar

hi all,

do we have something like cross domain session...
my case is this..
we have developed an application using PHP/MySQL/Apache...
this is going to be used by an client..
but that client is already usinh their own portal running under win2k/ASP/IIS.... both applications will be running in seperate server...
what i need to do is to give a link to our application in their portal...
the problem is already a registered user would have logged in to that protal and clicking the link to our application, he /she should be directly taken to respective page, without loggin in again??

Shankar

eoghain

Using just PHP you would have to write your own session handling code that would put the session information into a database then pass the session ID as a part of the URL so that PHP could get the data and set the session ID as it's own cookie.

psmshankar

but that client is already usinh their own portal running under win2k/ASP/IIS....

means there will be an just 'href' link pointing to my application...
they are using ASP page....so do i ask them to pass the userid as query string??????? so that on checking that query string variable, i will do the rest in my application???

eoghain

I don't know how ASP does it's session handling, but having them pass you a userid would work. But then your program wouldn't have any security since anyone could send you a userid and a spoofed header and have access to that users information on your system.

Since I don't know anything about ASP I can't be of much help in trying to figure this out for you. You should get together with the developer of the ASP system and see what you can come up with together.

psmshankar

ok i will chk it out with ASP devs