I am trying to create a single sign on process. The method I have implemented makes use of storing session data in a database.

When a new user comes to the website (www.example2.com) a table of authentication is checked. As this is their first visit to the website, there will be no match.

The browser is redicted to the authentication server http://www.example1.com/authenticate.php?session_id=ABC123 where ABC123 represents the session id created on http://www.example2.com. THe session id which is then generated on http://www.example1.com is stored along side the session id using the parameter set in the URL.

The user is then redirected back to the http://www.example2.com and a match of session ids should be found.

This WAS working fine in FireFox but when I tried it in Chrome I noticed that the session id being generated when the browser is redirected back to http://www.example2.com is a new session id. As a result an infinite loop is created. This behaviour has not manifested itself in FireFox aswell.

What is causing the new session id to be generated? More importantly, what can I do to stop it?

Thanks in advance!

EDIT
I had a logically error that was causing an infinite loop. This now works fine again in FireFox but the infinite loop is still occuring in Chrome and Internet Explorer.