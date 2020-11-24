Novice suggestion.
- The login form in site A once is submitted and is validated then do this
Create a database or what ever means you are storing logged in users in Server B.
Then create a datebase connection for the second serverB and add the details there and mark it as logged in.
This is only possible if you are using database to show is logged in or not.
E.g if password and username match then column active = true
So any user with that session id is automatically logged in on server B
It opens you up to session hijacking bcs thats exact method you will use to pass the session.
- Curl which will call the loggin scripts in server b and validate and log the user in.
The password will be passed in encrypted form and then validate at server B
The only problem to this is passing session id or any indentifier on the users browser.
Perhaps use cookies store in the users browser through site A and then when he visits site B you query his browser for such cookie.