Persisting Session data over 2 domains
Moderator: General Moderators
-
determinedmoth
- Forum Commoner
- Posts: 33
- Joined: Wed Jul 07, 2004 9:13 am
Persisting Session data over 2 domains
I have a multi-geographic site running on 1 central server. For example I have the following domains pointing to folders within the site root;
domain.co.uk = /site/uk
domain.co.za = /site/za
domain-admin.com = /site/admin
They all use global authentication scripts, and the requirement is that the administrator can log in via domain-admin.com, and session data will carry over all 3 domains.
For now, I can only log in the user under the parent URL.
I'm reluctant to use cookies, or pass the Session ID via the URL.
I have full control over the server, php.ini / apache etc and can edit pretty much anything to make it work.
I hope that makes sense, and thank you.
domain.co.uk = /site/uk
domain.co.za = /site/za
domain-admin.com = /site/admin
They all use global authentication scripts, and the requirement is that the administrator can log in via domain-admin.com, and session data will carry over all 3 domains.
For now, I can only log in the user under the parent URL.
I'm reluctant to use cookies, or pass the Session ID via the URL.
I have full control over the server, php.ini / apache etc and can edit pretty much anything to make it work.
I hope that makes sense, and thank you.
-
determinedmoth
- Forum Commoner
- Posts: 33
- Joined: Wed Jul 07, 2004 9:13 am
You can't read cookies from other domains, but you are allowed to specify the domain when setting a cookie. What about something like this:
When a user logs in successfully, instead of only setting a cookie for the site he is on, why not set cookies for the other domains as well? Each cookie would need a unique name, but it should work.
When a user logs in successfully, instead of only setting a cookie for the site he is on, why not set cookies for the other domains as well? Each cookie would need a unique name, but it should work.
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
-
determinedmoth
- Forum Commoner
- Posts: 33
- Joined: Wed Jul 07, 2004 9:13 am
I've tried sending the SID via the URL, but this doesn't work across different URL's either.
I was playing with this:
But it wont work.
Time for a drink. I'll come back to it monday!
I was playing with this:
Code: Select all
ini_set('session.referer_check', 'myothersite.com');
session_start();
echo $_SESSION['myvar'];Time for a drink. I'll come back to it monday!
I dont think it will work using the same session ID. I'm pretty sure your session ID is tied to the domain it was created for. It is possible to set a cookie for another domain, just not read one from another. For it to work, you'll probably need to create a custom cookie-based login system. I would probably write is as a class, for ease of use.
-
determinedmoth
- Forum Commoner
- Posts: 33
- Joined: Wed Jul 07, 2004 9:13 am
- kbrown3074
- Forum Contributor
- Posts: 119
- Joined: Thu Jul 20, 2006 1:36 pm