Yes, here is one method of making it more secure. So have you two sites, siteA.com and siteB.com.
User is browsing siteA.com and you want them transferred to siteB.com They click a link: eg. siteA.com/blah/redirectem/ In your redirectem method you get the current session id and save it into your database (eg. site_transfers) with a uuid (ie. String::uuid) then you do a redirect to siteB.com/blah/catchem/$uuid and search your database table for the uuid token and then instantiate the session with the session id from the db. Then delete the uuid and session id from your site_transfers table. All done! On Jan 17, 2:57 pm, Kyo <[EMAIL PROTECTED]> wrote: > Following your instruction, now i figured out how to share sessions > between applications. > In my view I appended the session ID to the link like this: > > $html->link( 'Go to the other application',"http://www.example.com/ > other_cake/tests/index/sess_id:{$session->id('Test')}"); > > On the other application, in the beforeFilter method in my controller: > > function beforeFilter() { > $this->Session->id($this->params['named']['sess_id']); > > } > > I appreciate your instruction! > Are there any way to make this more secure? > > On 1月16日, 午後10:48, Adam Royle <[EMAIL PROTECTED]> wrote: > > > Yes! When you transfer between applications (I'm guessing you have a > > link of some description) append thesessionid onto your querystring > > and use $this->Session->id($this->params['url']['sess_id']) on the > > other end. There are more secure approaches to this, but you still > > need to pass some kind of token so you know your user is really your > > user. > > > Adam > > > On Jan 16, 6:58 pm, Kyo <[EMAIL PROTECTED]> wrote: > > > > Yes, I use the same db for both applications. > > > When I jump from one cake application to another, they store two > > >sessiondata with different IDs. > > > Cookie got anything to do with it? > > > > On 1月16日, 午後5:44, AD7six <[EMAIL PROTECTED]> wrote: > > > > > On Jan 16, 6:15 am, Kyo <[EMAIL PROTECTED]> wrote: > > > > > > I currently use two Cake applications (beta 1.2) for my project but > > > > > I'm wondering if there is any way to sharesessiondata between those > > > > > two applications. Both applications have database sessions. > > > > > Use the same db for both? It's pretty much what db sessions are for. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
