Let’s say that I have an application up and running at http://eii.com
Now this is a totally different application but is useful to the people visiting eii.com site. This new application has it’s own database and own source code.
My problem is login part.
If a user logins to eiil.com and then visits services.eii.com how do I know who the user is and if the user is logged in or not? Should I use cookie for this purpose then the someone can change the user_id in the cookie?