User Authentication & Cookies

I am trying to allow access to my site from 2 different domains (the standard host & a web forwarding domain). I am having problems logging in from the web forwarding domain & have traced this to an authentication issue.

Despite hours of looking at the code, I cannot understand in full the authentication process. It seems to be defined in wp-settings and pluggable-functions, but I can’t seem to work out exactly what the process is.

Does anyone know the full process (I know the basics) of how the wordpress authentication works? and which part (if any) could be disrupted by having a referer that is different from the wordpress URL?