Page 1 of 1

Shared Cookie Access

Posted: Wed Jun 07, 2006 12:36 pm
by cfytable
We have two separate web spaces under domain.com: 1) http://webmail.domain.com and 2) https://www.domain.com (an Intranet site that requires a login).

Each website drops a cookie on the user's machine after he/she logs in. The former does so by Perl, the latter by PHP.

My client wants to know the following: Can it be setup such that logging into one site automatically logs the user into the other? I am assuming that it is a matter of having both sites look at the same cookie, but I had a question about the implementation.

Domain #1 is managed by our web host, so I assume I will have to change Domain #2's cookie checks to use the cookie set by Domain #1. Currently, in Domain #2's code, I have checks performed against $_COOKIE["loggedin"], which refers to Domain #2's own cookie. How would I alter this code to make it look for a similar value in the cookie set by Domain #1?

Any help would be appreciated.

Posted: Wed Jun 07, 2006 12:47 pm
by feyd
it has little to do with the data in the cookie (as that's what you are accessing via PHP) but more the settings used to create the cookie. Specifically, the domain attribute of the cookie must be ".domain.com" (note the leading dot) not webmail.domain.com. If it is not, #2 will not be able to see it as the browser will not send it.