Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By geme4472 on
I'm developing a module to serve a cross-domain widget and I'd like it to be able to authenticate against my (the widget) server. The idea is that the widget gets served to yourdomain.com's page, and from there I want to be able to send login inforamation back to myserver.com. The module then runs login_validate() and login_submit(). In FF this sets the session correctly and everything is fine. Using IE, the user gets (watchdog) logged as having logged in, but the sessions table still shows user 0 with that sess id.
Is there some cookie-handling/security feature in IE (6 or 7) such that this is impossible? Or could this have something to do with the drupal install's session handling? I'd appreciate any help at all!
