Dear list, i'm trying to integrate two php-driven web applications, which both require the user to authenticate using a username and a password. Consider a situation where the user has logged-in to the 1st application. She clicks over a hyper-link, which directs her to the 2nd application. The challenge is to automatically authenticate the user on the 2nd application as well. i'm wondering how? Is it secure to store the username and password in the $_SESSION, and share the session between the two applications? Please let me know what do you think. Thank you in advance, -behzad