• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Session (with db) doesn't work "cross"-domain.

#1
[eluser]moodh[/eluser]
Hi, I'm currently trying to use sessions (encrypted and with a database) over alot of subdomains and a main domain:
http://username.portal.com ==> application/blogs
http://someotheruser.portal.com ==> application/blogs
http://portal.com ==> application/portal

The subdomains all go to a separate application, an the portal goes to its own, maybe thats where the problem lies?

If I log in on portal.com I'm still logged out (sessionvariable logged_in) on the subdomains.
I've changed the cookie setting for domain to '.portal.com' but no luck anyway.

Any ideas on what I've missed?

My settings:
Code:
$config['sess_cookie_name']    = 'db_session';
$config['sess_expiration']        = 0; // No expiration
$config['sess_encrypt_cookie']    = TRUE;
$config['sess_use_database']    = TRUE;
$config['sess_table_name']        = 'ci_sessions';
$config['sess_match_ip']        = FALSE;
$config['sess_match_useragent']    = TRUE;
$config['sess_time_to_update']     = 300;

$config['cookie_prefix']    = "foo_";
if($_SERVER['HTTP_HOST'] == "localhost") {
    $config['cookie_domain']    = "";
} else {
    $config['cookie_domain']    = ".portal.com";
}
$config['cookie_path']        = "/";

Edit: was just Chrome playing tricks on me, all sorted now =)

#2
[eluser]Jupiter[/eluser]
I ran into the same problem - did you find a solution for Chrome?

Cheers,
Peter

#3
[eluser]moodh[/eluser]
[quote author="Jupiter" date="1255480723"]I ran into the same problem - did you find a solution for Chrome?

Cheers,
Peter[/quote]

Manually remove all the cookies =)

#4
[eluser]Jupiter[/eluser]
Yup, that worked - thank you!

#5
[eluser]Zeeshan Rasool[/eluser]
This remembered me the problem which i have faced from last 4 days, I have lost my session suddenly working in my CMS. I didn't upload any of new or update my previous files.
Best of Luck may be i can get some solutions here

#6
[eluser]sojic[/eluser]
Hi. I need help ASAP!!!.

I'm working on an web app, which is deployed on two subdomains. I need to share session, between this two subdomains....

By default, CI session does now work properly for me. So I have implemented http://www.philsbury.co.uk/index.php/blo...-sessions/.

I have two CI installations on each subdomain, but they are using same database. I've tried with $config['cookie_domain'] = ".domain.com"; but unsuccessful. I can not share session!

#7
[eluser]WanWizard[/eluser]
CI's session, like any other session mechanism, uses a cookie to identify the session. It's is the cookie that should be available cross-domain.

For domain, you need to specify '.domain.com', not '*.domain.com'. Check the RFC.

#8
[eluser]sojic[/eluser]
It IS .domain, not *. There is no * in my previous post.

#9
[eluser]WanWizard[/eluser]
[quote author="sojic" date="1342528238"]It IS .domain, not *. There is no * in my previous post.[/quote]
Sorry, disadvantages of a smartphone screen... Misread the " for a *

What is the rest of the session cookie configuration?

And if you check in your browser at both domains (using something like the Web developer toolbar in FF or equivalent) if the session cookie exist, does it?


If so, it's not a cookie issue but an application issue, which causes the session to be rejected. If you visit your second domain, and then go back to the first, does that first still have a valid session?


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.