My university (example.edu) has a WordPress based portal site (portal.example.edu).We've created a PHP app that is now hosted on (test.example.edu). What I want to do is share a session variable called $_SESSION['username'] (which holds the username of the student/faculty/staff currently logged in) that I guarantee is on portal.example.edu and share with the PHP app I built on test.example.edu. I need to use that to authenticate if that person should have access to that app from their username. Few things: portal.example.edu and test.example.edu are different servers, and use different PHP versions, although under same domain example.edu. What would be the most securest way to get the username session variable from portal.example.edu so that I can only allow certain people to have access to this app? I have tried things like ini_set('session.cookie_domain', '.example.edu' ); on my PHP app before sesison_start() and other few things from StackOverflow but nothing seems to be working.
Asked
Active
Viewed 693 times
0
Sagar Subedi
- 1
- 1
-
There are a few examples in https://stackoverflow.com/q/1064243/296555. Have you tried any of those? – waterloomatt Mar 14 '22 at 18:22
-
The fact that these subdomains are on different servers excludes a lot of standard solutions. Could you put some extra PHP code on the WordPress based portal site that can be accessed from `test.example.edu`? – KIKO Software Mar 14 '22 at 18:23