0

There is site A that should use site's B authentication. At site A I added login.php with curl's post request to site B. Also at site A I have jquery Ajax request to that login.php. If there are no errors I redirecting the user to site B (in javascript). Everything fine except of fact that after redirection the user is not authenticated because there is no any session cookie. So my idea is to read session Id from curl request at login.php and add a cookie with that session Id. I think it will solve my problem. So the question is - how to read session Id from curl? Thank you

nKognito
  • 6,297
  • 17
  • 77
  • 138
  • 1
    possible duplicate of [how to get the cookies from a php curl into a variable](http://stackoverflow.com/questions/895786/how-to-get-the-cookies-from-a-php-curl-into-a-variable) – Paul Jul 26 '11 at 06:26
  • 1
    You should just read all the cookies, not just the `session Id` then you can pass the cookies along with your next request. – Paul Jul 26 '11 at 06:27

1 Answers1

1

If you are redirecting the user to another domain, you cannot set the cookies which the user's browser will send to the other domain. If you own both of the sites, you need to implement cross-domain cookie (there are few ways to do this, basically involving loading some element on site A from site B, and then with JS copying the cookie data from one domain to another).

There is no way you can force user to perform a POST request to the other site, or to tell him what HTTP headers to send. There is no way you can set cookies for domain B - you can set them for A, and B can eventually read them, if you setup cross-domain cookie

Community
  • 1
  • 1
Maxim Krizhanovsky
  • 26,265
  • 5
  • 59
  • 89