More questions on multiple apps, single sign-on

There has been some discussion on this, but I want to revive it a bit.

I’m going to have multiple Rails apps, each with their own subdomain in
a tld:

I want to have a single login work across applications. A given user
can have data in each application, but the data will be distinct. That
is, I don’t see a lot of shared code between applications other than

There seem to be 2 choices: a) Separate app for login, then have an
app-per-subdomain redirect there and back or b) Multiple applications
using the same database.

Separate app for login

This has been suggested quite a bit. But it raises some questions:

  1. How do I join users and data in each app? That is be able to join
    my users with foo_model_1 in foo and with bar_model_1 in bar?

  2. Do I sync the user table out of the login app and into each other
    application? Anyone have pointers to MySQL-fu to do this? Like many,
    Rails is my first foray into db-land.

Single database, multiple apps

This has been suggested a few times. Just keep one database for all
apps that need to share the same user data. Each app has its own
tables. My questions here:

  1. How well will migrations work in this situation? Am I going to have
    to tip-toe to prevent a migration dependency order?

  2. What about sessions? Which app should “own” the sessions migration?
    Do I have to do anything special so foo and bar use the same session
    data (other than the right lines in application.rb)?

  3. Do I want each app to have their own cookie? I’m a little confused
    about this one, though there is a little bit about it here
    but I don’t get about how to manage the cookies across subdomains to
    have just one session.

I’m leaning to the single database path.
Thoughts/comments/answers/rants? (Note that I’m trying to be
authentication-method-agnostic-here, so maybe there will be fewer