How to log cross-domain traffic within the network (including username) using HTTPHandler?

I am trying to log user activity for several internal websites as well as our SharePoint sites. I am using JavaScript to call (GET) to ashx page (HTTPHandler) which returns 1x1 invisible GIF. The HTTPHandler grabs the reference url, browser information, ip address, action (sent as a QueryString) and (the part I'm afraid with) the username. The username is collected using context.User.Identity in the HTTPHandler and Integrated Windows Authentication is enabled in IIS 6. The following is part of the js protocol:

    logAction: function(action) {
    try {
        var i = new Image(1, 1);
        i.src = "http://intranet/tracker/urchin.ashx?action=" + action;
    } catch (e) {
        //alert(e);
    }

      

        
        
        
      

    

Using jQuery, I've added handlers to button clicks, link clicks, and uploads that call the ashx file and pass the action. (It's also called page loading).

It all worked fine, or so I thought ... It turned out that I was missing the initial page load event when the user first opened one of the pages, unless it was in the same domain as the HTTPHandler, Using Fiddler I could see the NTLM loop for pages (401.2, 401.1, 200), but only 401.2 for ashx. It looks like the browser will not send user credentials when the HTTPHandler call is cross-domain. The next page of user visits is logged correctly, but the first page is not logged.

Here are our domains:

• http: // intranet
• http: // sharepoint
• http: // dev <- HTTPHandler for tracking lives here

Is there something wrong with my design, or is it just web browser security? Thank!