#313 new
Ignacio Carrera

Sharing session/cookies in multi site with subdomains

Reported by Ignacio Carrera | June 3rd, 2009 @ 07:01 AM

I've got a specific situation: I need multiple subdomains to functionally partition my site (plus each subdomain will possibly be served by a different server).

So, to adva, they are different sites, but they all must share the session (so when a user logs in, and according to its role she gets redirected to another subdomain, her session, flash, uname & uid keep working accross domains).

Traditionally, in Rails, you can specify the :domain option of the session cookie. The problem is that adva tries hard to keep pages cacheable, so the username and flash messages are loaded by the client using javascript and a few custom cookies. These cookies weren't using the same domain as the session cookie (so my user was logged in but her name didn't show up). This also has a side effect: as the flash cookie has a specific domain associated, this domian must be known to the JS resetting the cookie (so the Flash doesn't get stuck).

I've patched adva to support this in [1].

It's lacking any test (couldn't fully understand it), and maybe it's not the right approach (it's working for me, though).

[1] http://github.com/nachokb/adva_cms/commit/3fc3c99437c2d19b50ce4a0d1...

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<p>Cutting edge cms, blog, wiki, forum ... plattform.</p>

<p>Find the code on <a href="http://github.com/svenfuchs/adva_cms/tree/master">GitHub: adva cms</a></p>

<p>Part of the business application framework <a href="http://www.advabest.org/">adva best</a>.</p>

People watching this ticket