IFrame and Parent Frame Session Handling

I have an application that contains no session time out, we don't want our users to have to log in every time they come to the site or even if they've remained idle. We recently partnered with an external vendor to provide some research data which we are rendering in an i-frame. The vendor has a 30 minute session after that session expires in the iframe the users are asked to re-login to the vendor site. As I stated previously we don't want to have the end user log in multiple times.

The solution I came up with was when the end users session expired in the iframe there would be a javascript call to:

/if called from an iframe, refresh the containing window

if (self != top) {

  window.parent.location.href = window.parent.locat开发者_开发百科ion.href;

} 

I tested this locally and it works, ie both the parent and the iframe were running on the same application server, however when this is deployed on 2 different domains (Parent window and i-frame are running on different app servers) it is still sending the users to the login screen of the vendor, and if I just press refresh I'm successfully re-logged in without having to provide credentials.

A couple of questions:

1. Is there a different way anyone can think of to handle this issue?
2. Any idea why this would work locally but not across domains?

i think you need to change parent window's URL from IFRAME content

Parent window's content:

<b>iframe starts here</b><br><br>
<iframe src='iframe1.html'></iframe>

<br><br>
<b>iframe ends here</b>

<script type="text/javascript">
    function change_parent_url(url)
    {
    document.location=url;
    }       
</script>

Iframe's content:

IFRAME content<br><br>

 <a href="javascript:parent.change_parent_url('http://yahoo.com');"> 
Click here to change parent URL </a>