I'm building a rails application on one domain (we'll call it domain1.com) which needs information that is only available on domain2.com (it's embedded in a certificate that only that domain can check). Basically, it's just a username, so nothing too complicated.
I want to enable authentication to domain 1 by clicking a button, which will redirect the user to a page on domain 2, prompting a popup asking the user if they want to use their certificate. When they click yes, the page will redirect back to domain 1.
Domain 1 should pass a redirect URL to domain 2 telling it where to redirect. Domain 2 should pass a username back to domain 1.
Domain 1 is in rails and domain 2 is probably on PHP (this is the way that I know I can access the data).
What's the best way of doing this? I could use a shared secret key to hash the parameters and make sure they are being passed honestly--is this the best strategy?
Thanks.