You can not achieve SSO by sharing Session ID between applications.
You also need to share the session, which is a tall order by itself.
What you need for SSO is something like Remember-Me: a cookie
containing sufficient information to uniquely and genuinely (as much
as possible) identify the user. That cookie can be set to any domain
(with security limitations). That has nothing to do with the Session
though, and is entirely up to you.
2012/9/4 Derek Knapp <derek.knapp_at_me.com>:
> Is it possible to set the domain for the SSO session id?
>
> I was hoping to support SSO across subdomains by setting the domain to .example.com
>
>
> Derek