Was just reading a wiki article on single-sign on for sub-domains. I’ve got the cookie stuff setup, and everything pretty much ready to go, however the article mentions an “application id” to identify, as well as generate a unique signed key…
http://www.yiiframework.com/wiki/135/single-sign-on-across-multiple-subdomains/
Where should I put this? Right in the top of my main.php??