I have a challenge. Here's the scenario:
There are two sites. One has an activity and post-tests for some of those activities, and one has post-tests for the rest of them. They are two businesses, and for security purposes, neither allows direct queries of the other's backend from outside of their respective servers. Each requires authenticated logins. Each does not currently poll the other to set up accounts. Many users of one site find themselves confused when going to the other, and, ignoring all messages about needing to set up an account on each, continue to contact the webmasters of both sites about why their account doesn't work.
To solve this, the webmasters of both sides (myself being one of them) have put our heads together. As we are not allowed to directly query the database of the other, this is the solution reached:
1. If one has an account on the site with the activity, and tries to access a post-test on the other site (mine), their login is passed to my site.
2. If there's an account, great, they can go on ahead
3. If there isn't, I need to set up an account using the login information passed over to my script. To automatically fill out the rest of the information we need, my script then sends a request to the other server to get their information and update that account. The other alternative would be to have them fill this all out once again. Given how irritated they get about having to open two accounts, I'd like to avoid this, even if I end up going with it as a short-term solution.
Here's the challenge, as far as my side of this goes: I've looked at sending a form post to a handler script on the other server, and I've looked at using <cfhttp>. I'm either seeing functional difficulties with either approach. Or I may not be understanding either approach.
What would you suggest?