Monday, April 11, 2011

Session isn't passing over domain

In my rails app, when I log in at the www.site.com address, I am logged in just fine. Although without logging out, I go to the site, http://site.com I am logged out, but still logged in at the www.site.com address if I go back.

I can't find anything to set in my environment variables, any idea as to how to keep this session across all domains on my domain?

From stackoverflow
  • Set the session cookie properly; that is, for .site.com and site.com rather than just for www.site.com.

    Garrett : I don't know what you mean by setting the session cookie properly. I don't ever remember setting it. I just use session[:user_id] and move along.
  • since they alias www. to .; couldn't you just prepend www. onto the .?

  • You should redirect www.site.com to site.com (or the other way around). If you don't do that, google may think it's two different sites.

    Matt : +1 whilst this doesn't answer the question, it is certainly something you should implement.
  • When you set a session cookie for "site.com", that will be different than "www.site.com." You need to specify the "cookie_domain" as ".site.com" which will set the cookie or all subdomains as well. In PHP, you could use ini_set or session_set_cookie_params to set session.cookie_domain. In Rails, you can either add a small script to the enviroment.rb - something like:

    ActionController::Base.session_options[:session_domain] = '.site.com'

    (in this case you might also do some switching based on the domain name in production/test/development env's) or try some other configuration options.

    Here's more than you'd ever want to know on the subject.

    Garrett : Following what you said worked. :-)
  • In rails 2.3 this has been changed to:

    config.action_controller.session[:domain] = '.example.com'
    

    or if the session variable hasn't been created yet

    config.action_controller.session = {:domain => '.example.com'}
    

    See http://stackoverflow.com/questions/663893/losing-session-in-rails-2-3-2-app-using-subdomain/978716

0 comments:

Post a Comment

Note: Only a member of this blog may post a comment.