Is there a way to tell Rails to always use the full domain for the session cookie? This is necessary if you want to allow people to be logged in to both app1.mysite.com and app2.mysite.com with separate sessions. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
On 3/18/07, S. Robert James <srobertjames-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Is there a way to tell Rails to always use the full domain for the > session cookie? This is necessary if you want to allow people to be > logged in to both app1.mysite.com and app2.mysite.com with separate > sessions.Use the session class method in your controller to set session options: http://api.rubyonrails.org/classes/ActionController/SessionManagement/ClassMethods.html#M000128 The options are described here: http://api.rubyonrails.org/classes/ActionController/Base.html#M000275 So, in ApplicationController: session :session_domain => ''mysite.com'' Note that after 1.2 the main session settings are moving to environment.rb, with the same syntax: config.action_controller.session = { :session_domain => ''mysite.com'' } jeremy --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Sorry for not being more clear: The app can be running under numerous domains, not known while I code. I don''t want to hard code them in - I just want to tell Rails - whatever the Host: header is, use that for the cookie domain. On Mar 18, 8:38 am, "Jeremy Kemper" <jer...-w7CzD/W5Ocjk1uMJSBkQmQ@public.gmane.org> wrote:> On 3/18/07, S. Robert James <srobertja...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > Is there a way to tell Rails to always use the full domain for the > > session cookie? This is necessary if you want to allow people to be > > logged in to both app1.mysite.com and app2.mysite.com with separate > > sessions. > > Use the session class method in your controller to set session options: > http://api.rubyonrails.org/classes/ActionController/SessionManagement... > > The options are described here: > http://api.rubyonrails.org/classes/ActionController/Base.html#M000275 > > So, in ApplicationController: > session :session_domain => ''mysite.com'' > > Note that after 1.2 the main session settings are moving to > environment.rb, with the same syntax: > config.action_controller.session = { :session_domain => ''mysite.com'' } > > jeremy--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
On 3/18/07, S. Robert James <srobertjames-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Sorry for not being more clear: > The app can be running under numerous domains, not known while I > code. I don''t want to hard code them in - I just want to tell Rails - > whatever the Host: header is, use that for the cookie domain.That''s the default. Have you tried it? jeremy --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Thanks - I was getting weird behavior and thought therefore that this was not set properly. But I traced the behavior to something else. (Sometimes getting confirmation of where the problem is NOT helps you think of where the problem IS... :-) On Mar 18, 12:20 pm, "Jeremy Kemper" <jer...-w7CzD/W5Ocjk1uMJSBkQmQ@public.gmane.org> wrote:> On 3/18/07, S. Robert James <srobertja...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > Sorry for not being more clear: > > The app can be running under numerous domains, not known while I > > code. I don''t want to hard code them in - I just want to tell Rails - > > whatever the Host: header is, use that for the cookie domain. > > That''s the default. Have you tried it? > > jeremy--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
If you want a cookie to apply to multiple subdomains, set the cookie domain a ".mydomain.com". Note the initial ".". See RFC 2109. Note that the rfc states that the domain must have at least two dots. So, ".localhost" will not be the same cookie for test1.localhost and test2.localhost. b S. Robert James wrote:> Thanks - I was getting weird behavior and thought therefore that this > was not set properly. But I traced the behavior to something else. > (Sometimes getting confirmation of where the problem is NOT helps you > think of where the problem IS... :-) > > On Mar 18, 12:20 pm, "Jeremy Kemper" <jer...-w7CzD/W5Ocjk1uMJSBkQmQ@public.gmane.org> wrote: >> On 3/18/07, S. Robert James <srobertja...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: >> >>> Sorry for not being more clear: >>> The app can be running under numerous domains, not known while I >>> code. I don''t want to hard code them in - I just want to tell Rails - >>> whatever the Host: header is, use that for the cookie domain. >> That''s the default. Have you tried it? >> >> jeremy > > > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---