How can I login to multiple applications in different domains once?


For example I have 2 apps, one is in abc.com, and another one is in xyz.com.

Now what I want to do is: if a user logs in to abc.com, he will also be logged in to xyz.com automatically. That means that after he logs in to abc.com and opens xyz.com in a new browser tab, he will be shown as already logged in.

It's the same as msn.com and hotmail.com: if you log in to msn.com and open hotmail.com, you can see you're already logged in.

I'm using CI, and for login information I used CI's session functions (which are cookies, in fact), but it seems cookies cannot be shared across different domains.

I've tried to use CURL, but CURL cannot make xyz.com really make the cookies.

I've also searched around Google; many people suggested passing a session id, but the problem is that there's no link between abc.com and xyz.com, so how can I pass the session? If I store the session id in a database, then how can I identify which user should use this session id? Identifying by IP is obviously not secure :D

Please, help me!

2

There are 2 answers

3
Or Weinberger On BEST ANSWER

You can open an iframe on xyz.com that will connect to abc.com, then use ajax/js to forward some sort of token to xyz.com from the iframe by calling a js function from the iframe.

So it will look something like:

XYZ.com:

<script>
// Called with the token handed over by the abc.com iframe.
function authAbcUser(token) {
    // During this function you will set a cookie for this user on XYZ.com
}
</script>
<iframe height="0" width="0" src="http://www.abc.com/auth.php?token"></iframe>

ABC.com/auth.php:

parent.authAbcUser(token);
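
Added example, not part of the original answer: browsers block a direct `parent.authAbcUser(token)` call between different origins, so this version hands the token over with `postMessage`, checks the sender's origin, and makes the token short-lived, single-use and bound to xyz.com. The shared secret, the HTTPS origins, the 30-second lifetime and all function names are assumptions.

```javascript
// Added example: names, secret and lifetime are assumptions, not from the original answer.
const nodeCrypto = require('crypto');

const IDP_ORIGIN = 'https://www.abc.com';   // origin of the iframe (HTTPS assumed)
const AUDIENCE = 'https://www.xyz.com';     // the only site allowed to redeem the token
const SECRET = 'constructed-demo-secret';   // shared by both back ends; placeholder value
const TTL_MS = 30 * 1000;                   // token lifetime: 30 seconds

const sign = (body) =>
  nodeCrypto.createHmac('sha256', SECRET).update(body).digest('base64url');

// abc.com back end: issue a short-lived token for the logged-in user.
function mintToken(userId, now = Date.now()) {
  const claims = { sub: userId, aud: AUDIENCE, exp: now + TTL_MS,
                   jti: nodeCrypto.randomBytes(16).toString('hex') };
  const body = Buffer.from(JSON.stringify(claims)).toString('base64url');
  return `${body}.${sign(body)}`;
}

// xyz.com back end: verify signature, audience, expiry and single use.
const usedIds = new Set();
function redeemToken(token, now = Date.now()) {
  const [body, mac] = String(token).split('.');
  if (!body || !mac) return null;
  const expected = Buffer.from(sign(body));
  const given = Buffer.from(mac);
  if (given.length !== expected.length ||
      !nodeCrypto.timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  if (claims.aud !== AUDIENCE || claims.exp < now || usedIds.has(claims.jti)) return null;
  usedIds.add(claims.jti);
  return claims.sub;   // caller now sets xyz.com's own session cookie
}

// xyz.com page: accept the token only from the abc.com iframe.
function onAuthMessage(event) {
  if (event.origin !== IDP_ORIGIN) return null;   // ignore messages from other frames
  return redeemToken(event.data);   // in a real page: POST event.data to xyz.com's back end
}
// Browser wiring: window.addEventListener('message', onAuthMessage);
// abc.com iframe sends: parent.postMessage(token, 'https://www.xyz.com');
```
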
0
BigSecret On