I am trying to understand how Yii Cookie Based Authentication actually works. I will try to explain as detail as I can of what I did.
Technical Outcomes are:
Login page will always be on the site1.domain.com
User Credentials’ Database is on site1.domain.com
site2.domain.com also has LoginForm and a UserIdentity that will identify everything (referer, etc…), that accepts posted data from site1.domain.com. Using CURL the "validated" data from site1.domain.com will be posted to site2.domain.com.
site2.domain.com will perform validation, and everything, and if the data is valid, then it will let the user login, generates states.bin under "runtime" folder.
What I have done so far:
On site1.domain.com, using Yii Authentication and Authorization and CURL to also login to site2.domain.com. The login works fine, and Yii was also able to recognize the user on site2.domain.com, short to say, it worked. And Yii generated states.bin under "runtime" folder on the site2.domain.com, also under "runtime" folder on site1.domain.com.
Then, I redirected the user from site1.domain.com to site2.domain.com, expecting that I am going to see the Dashboard, but instead I was redirected back to site1.domain.com login page as if I was not logged in. I checked everything, and I am pretty sure I did set everything up.
I am not sure how Yii generate Cookie, but it seems that this way won’t work. Do you have any other suggestions?