views:

107

answers:

1

The task was to bypass login form on remote server with a session_id acquired through a call to server's web API. So that user wouldn't have to login twice.

Since there's no way to set cookies for different domain. What we came up to was - put a little file on remote server, to which we pass encrypted session_id from hidden iframe and which is supposed to start a proper session for a remote app, which is then loaded in another iframe.

This approach works fine in FF/Chrome, but not IE... However if I copy url to self-made remote authorization script from iframe's src attribute to to IE's address bar and load it from there, session get's created as expected. But for some reason it just doesn't want to do the same from an iframe.

Does anyone have any clue, why this is happening?

A: 

Ok, what we did for IEs, we just redirect the whole browser to the authorization script, which then redirects it back again. At least that resolves a problem, somehow.

Anyone having any better solution?

jayarjo