--- /tmp/singlesignon/singlesignon.module	2008-05-08 22:12:18.000000000 +1200
+++ singlesignon.module	2008-09-10 11:51:38.000000000 +1200
@@ -93,8 +93,10 @@
   }
 
   $extra_base_url = _singlesignon_base_url();
+  $extra_base_domain = _singlesignon_get_domain($extra_base_url);
+  $master_domain = _singlesignon_get_domain($master_url);
   if (empty($_SESSION['singlesignon_prior_sid']) || $_SESSION['singlesignon_prior_sid'] != session_id()) {
-    if ($extra_base_url != $master_url) {
+    if ($extra_base_domain != $master_domain) {
       if (!empty($_GET['singlesignon_dest'])) {
         // User was sent back to a slave site by this module but doesn't have
         // a session.  They clearly don't have cookies enabled.
@@ -124,7 +126,7 @@
       return;
 
     case 'singlesignon':
-      if ($extra_base_url == $master_url) {
+      if ($extra_base_domain == $master_domain) {
         _singlesignon_master($master_url, $arg0, arg(1));
       }
       return;
@@ -143,7 +145,7 @@
 
   if (!empty($_SESSION['singlesignon_just_loggged_in'])) {
     unset($_SESSION['singlesignon_just_loggged_in']);
-    if ($extra_base_url == $master_url) {
+    if ($extra_base_domain == $master_domain) {
       if (!$user->uid || empty($_SESSION['singlesignon_slave_sessions']) || !is_array($_SESSION['singlesignon_slave_sessions']) || !_singlesignon_validate_sid($_SESSION['singlesignon_slave_sessions'])) {
         // Login failed or the user has no sessions on any slaves.
         return;
@@ -445,5 +447,18 @@
   return ($form_values['singlesignon_bot_matches'][$value]);
 }
 
+/**
+ * Returns the domain part of a URL
+ *
+ * @param string $base_url a URL including the scheme
+ * @return string just the domain (and possibly port) part
+ */
+function _singlesignon_get_domain($base_url) {
+  if (preg_match('@^https?://([^/]+)@', $base_url, $m)) {
+    return $m[1];
+  }
+  return '';
+}
+
 // }}}