
Rails - Multiple top level domains and a single session/cookie


This one is a bit tricky. Since cookies can only be assigned to (and retrieved from) the current domain ("forms.example.com", say) and parent domains (".example.com", but not ".com"), but NOT to other domains ("othersite.com"), you'll have to find yourself another solution. This has nothing to do with Rails, but with how cookies work.

EDIT: Sessions rely on a client-specific handle, stored in a cookie, which is why sessions also don't work cross-domain.

This site has one possible solution for creating a cross-domain cookie, and it's the cleanest way I know of, although it may have some security implications. A more complicated version would have the servers communicate directly through some secure channel.

If you're looking for a more general-purpose single-login service, try implementing some form of OpenID.
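The scoping rule described in the answer above, as an added example (not part of the original answer and not Rails code): a simplified Ruby sketch of RFC 6265 domain matching. The function names and the tiny `PUBLIC_SUFFIXES` list are assumptions for illustration; browsers consult the full Public Suffix List.

```ruby
# Simplified RFC 6265 cookie domain scoping (added example, not Rails code).
# PUBLIC_SUFFIXES is a constructed stand-in for the real Public Suffix List.
PUBLIC_SUFFIXES = %w[com org net co.uk].freeze

# Lowercase a host or Domain attribute and drop one leading dot.
def normalize(domain)
  domain.to_s.downcase.sub(/\A\./, "")
end

# RFC 6265 section 5.1.3: a host matches a domain if the two are identical or
# the host ends with "." + domain. IP-address hosts are not handled here.
def domain_match?(host, domain)
  host = normalize(host)
  domain = normalize(domain)
  host == domain || host.end_with?(".#{domain}")
end

# Would a browser store a cookie that request_host sets with this Domain attribute?
def cookie_accepted?(request_host, domain_attr)
  return true if domain_attr.nil? || domain_attr.empty? # host-only cookie
  domain = normalize(domain_attr)
  return false if PUBLIC_SUFFIXES.include?(domain)      # e.g. ".com" is rejected
  domain_match?(request_host, domain)                   # own host or a parent only
end

# Would a cookie set by setting_host later be sent to target_host?
def cookie_sent?(setting_host, domain_attr, target_host)
  return false unless cookie_accepted?(setting_host, domain_attr)
  if domain_attr.nil? || domain_attr.empty?
    normalize(setting_host) == normalize(target_host)   # host-only: exact host
  else
    domain_match?(target_host, domain_attr)             # host and all subdomains
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed cases: forms.example.com tries several Domain values.
  [".example.com", ".com", "othersite.com", nil].each do |attr|
    ok = cookie_accepted?("forms.example.com", attr)
    puts "Domain=#{attr.inspect} accepted=#{ok}"
  end
end
```

A cookie scoped to a parent domain is sent to every host under that domain, so each subdomain that receives it has to be trusted with the session.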


For sub-domains in Rails 2.3:

ActionController::Base.session = { :domain => ".mydomain.com" }

For top-level domains try this middleware.

I've been playing with the above middleware at the moment and it does not quite work as expected. If you do use the middleware you do not need the above code as it handles sub-domains as well.


You will probably need something like RubyCAS if you want authentication across domains regardless of whether they're top-level or subdomains.