auth over multiple subdomains

Forum Moderators: coopster

Message Too Old, No Replies

auth over multiple subdomains

Hop_Hop

11:47 am on Jan 26, 2006 (gmt 0)

let`s say i have 2 subdomains : x.domain.com and y.domain.com

User comes and logins on x.domain.com ... everything is perfect, but while he is logged on he tryes to view y.domain.com ... now here the login is not valid anymore. (basically user authentification on multiple subdomains)

I underline that both domains are using the same user/pass dbase, I do not want to resolve this by putting cookie into user pocket. I`ve seen something like handling sessions from mysql.
I couldn`t find any good example on this whole internet, can anyone help me resolve this issue?
Reply With Quote

jatar_k

5:56 pm on Jan 26, 2006 (gmt 0)

not really sure

can you access the sesion from the second subdomain? try echoing a var from the session

Hop_Hop

12:21 am on Jan 27, 2006 (gmt 0)

Found the solution.

edit php.ini and put the .domain.com to session.cookie_domain ... so thel ine must look session.cookie_domain = .domain.com

macdar

10:10 am on Feb 18, 2006 (gmt 0)

I have a similar problem, but additionally I have to pass this session across multiple DOMAINS.

as far as I know session.cookie_domain allows you to define only one domain.

Did anybody have a similar issue?

Thanks.

coopster

3:26 pm on Feb 18, 2006 (gmt 0)

Hop_Hop, you said ...

I do not want to resolve this by putting cookie into user pocket.

Seems you ending up going this route anyway? I would -- when crossing subdomains using cookies is by far much easier to implement if you want to maintain the same session.

macdar, if the domains for which you are sharing a session are on the same server (or can access the same database server I should say) you may want to consider seting a unique session id and maintain state using a database.

macdar

8:45 pm on Feb 19, 2006 (gmt 0)

Thanks coopster, great idea!
Just did it, and works like a charm.