So, I turned on our SSL support (apache and mongrel all configured like they should be, forwarding the protocol header and all that). Now, here is the problem: whenever I switch between SSL and non-SSL pages, the session gets lost, and I am issued a new session_id cookie with a different value. After some googling, I found this line to add to my environment.rb line: ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS.update(:session_domain => ''.mydomain.com'') When I add that line, the session is *never ever* kept, and I am never actually logged in to the application. I get instant redirects back to the login page, because the session is lost. So, what magical words do I need to put in my config files to make these sessions persistent like they should be? Is this code maybe for older version of RAILS? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---