wildcard subdomain with CDbHttpSession issue

heamon · November 13, 2010, 5:47pm

I have do a website with Yii, it use wildcard subdomain. To control the session, I use CDbHttpSession

Here is the code in main.php

‘session’=>array(

  'class' =&gt; 'CDbHttpSession',


  'connectionID' =&gt; 'db',


  'sessionTableName' =&gt; 'dbsession',

),

When login in with domain ‘www.xxx.com’, then it will redirect to ‘subdomainname.xxx.com’.

But now, the user show it’s not login in subdomainname.xxx.com, when change url to www.xxx.com, it show user is login.

Is there anything I do wrong?

Any reply is appreciate!

Y11 · November 13, 2010, 5:53pm

You have to set $cookieParams, by default the session cookie is only visible to the domain from which it was set.




'session'=>array(

   'class' => 'CDbHttpSession',

   'connectionID' => 'db',

   'sessionTableName' => 'dbsession',

   'cookieParams' => array(

      'domain' => '.example.com', // cookie now visible on example.com and all subdomains

   ),

),

If you make use of CWebUser::$allowAutoLogin, you have to do the same for the user component. Instead of $cookieParams, it’s called CWebUser::$identityCookie.

heamon · November 13, 2010, 6:01pm

Y!!:

You have to set $cookieParams, by default the session cookie is only visible to the domain from which it was set.
'session'=>array(

   'class' => 'CDbHttpSession',

   'connectionID' => 'db',

   'sessionTableName' => 'dbsession',

   'cookieParams' => array(

      'domain' => '.example.com', // cookie now visible on example.com and all subdomains

   ),

),
If you make use of CWebUser::$allowAutoLogin, you have to do the same for the user component. Instead of $cookieParams, it’s called CWebUser::$identityCookie.

It works like a charm, thank you very much! really appreciate!

swafsarl · March 14, 2011, 3:54pm

how to manage this? didnt understand!

plz help

Y11 · March 18, 2011, 3:23pm

Like this:


'user'=>array(

   'identityCookie' => array(

      'domain' => '.example.com', // cookie now visible on example.com and all subdomains

   ),

),

JFReyes · May 11, 2012, 1:54pm

Thanks Y!!, I’ve struggled with this for the past few days. My problem was with Chrome because IE worked fine.

zeam · November 7, 2013, 11:28pm

I had a little problems with this and resolved it by reading this:

http://www.yiiframework.com/wiki/135/single-sign-on-across-multiple-subdomains/

(From article)

Next, and this is the crucial bit with Yii (the above cookie configuration is generic PHP), the Yii application ID must be set in the config file:

array(

'id' =&gt; 'yourdomain',

Explanation:

The Yii application ID is used to generate a unique signed key, used as a prefix to access user state information. The ID should be set manually so that it is identical for each Yii application that needs to share cookies and sessions.