Thanks for the response guys. @wildbeest - $from is the username they login with. I've made the cookie name a substring of it so that I'm not storing complete data on the server.
@coopster I know followlocation needs to be on for redirects but the cookie is not set when its on... So I was trying to do the redirect manually so that I can process the headers manually. That's where I am having trouble though. Where should I look in the server logs and what should I look for?