using SSO/OpenID style techniques, for example by redirecting via forms and transmitting the authentication challenge tokens back and forth in the form parameters.
For example look how stackovervflow and sistersites do it. You can log into one using the other and it is implemented via forms and redirects.
For strictly subdomains, you can just use a single session cookie which is sent to all hosts within "*.domain.com"