Re: sharing session cookies across sub-domains - how?

Wed, 30 Jan 2008 11:39:10 -0800

It's technically possible that cookies get shared accros domains, setting the cookie domaine to .mydomain.com. However, it will be of no help to you, because each subdomain runs it's own set of webapps in tomcat. The session can't be shared across webapps. If you need to shared datas with your subdomain, you would need a way to pass an identifier (a cookie) accross domains your self and get yourself shared datas from some common repository of data (a database for example).
As for just authentification, a valve like the signle sign on valve could be useful. But valves won't magically make your session datas shared. 


Steve Parker a écrit :

Guys,


I am using several sub-domains that all point to the same app (they 
cause different content to be displayed, depending on the 
sub-domain).  For example, I have:


content1.myapp.com
content2.myapp.com
content3.myapp.com
..etc...


I need the session data to be shared across these subdomains, so that 
when a user is clicking around the app, crossing across sub-domains, 
they won't lose the session state (e.g., if they're logged in, etc).



I understand that Tomcat uses session cookies to associate server 
session with the client request.  And I understand that the default 
behavior of this causes these session cookies to be specific to a 
domain/sub-domain.


My question:


How can I make the session cookies get written so that they are 
relevant to ALL sub-domains under the main domain.  I have read a few 
things that say that if you set the domain of the cookie to be 
".mydomain.com", it will be associated with all sub-domains of that 
primary domain.  But, not sure how to do this since tomcat has some 
built in way of setting these cookies...  I saw something with valves, 
but need more info.



Any help here, or suggestions for a different approach altogether for 
sharing session state across sub-domains, would be very much appreciated.


thx,
steve

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to