We are working on integrating a third-party PHP-based CMS with iMIS using the MembershipWebService. To start out, I have created a simple script in PHP that calls the MembershipWebService's LoginUserAndProvideCookies request, and I get a "Login" cookie back (as well as one other cookie, but it looks like only the Login cookie is necessary for iMIS authentication). We are making this request on the iMIS SQL server, which is based at sql.website.org (this is not available to the public). For the cookie, I set the domain to ".website.org" to allow all subdomains.
If I go to sql.website.org/imis15_AS/ (which is the website for iMIS desktop), the "Login" cookie I set appropriately logs me into iMIS desktop.
The "live" view of iMIS for the public is (i.e. the iMIS web server) located at eservices.website.org. If I go to this site, the cookie I set doesn't sustain the login via the "Login" cookie I set.
Additionally, if I go to the following website, I can invoke the LoginUserAndProvideCookies:
When I enter in a username, password, and whether the user is a staff user, the Invoke method returns the Login cookie.
When I manually set this cookie for eservices.website.org (the live iMIS installation), this cookie doesn't login the user.
I think we're close to sustaining a login, since it seems to be working for iMIS Desktop. Do you have any insights on why the Login cookie isn't working on the live web server, but it seems to be working with iMIS Desktop?