On 09/04/2010 01:07 AM, [Ricardo Rodriguez] eBioTIC. wrote: > Hi! > > Following a comment in http://jira.xwiki.org/jira/browse/XEM-174 and > about xwiki.authentication.cookiedomains. > > As far as in understand it allows to share cookies between sub domains > (for instance, wiki1.mydomain.com, wiki2.mydomain.com and > wiki3.mydomain.com) but not between domains (for instance mydomain.com, > yourdomain.com, theirdomain.net). As I am not sure about the > terminology, I'm using between, across, sub domains and domains as per > http://www.15seconds.com/issue/971108.htm > > Am I right or is it currently possible to share cookies between domains > in a XWiki farm? For us, it is not possible to share a common part for > domain names of virtual wikis. It can't be wiki1.mydomain.com, > wiki2.mydomain.com but mydomain.com and yourdomain.com > > What I am trying to avoid is that an user must to log in more than once > to access all the granted resources within a XWiki farm, mainly when > moving from a virtual wiki to the main wiki for, for instance, edit > his/her preferences or modify his/her profile.
It is impossible to send a cookie for a domain that's not a substring of the current URL, since it would be a big security issue. Further, it is impossible to set cookies for a TLD (.com). One trick that might work, although I didn't try, is to use cross domain AJAX requests which add cookies, but this is not a bulletproof solution: - works only with JS - works only in browsers that understand cross-domain requests See https://developer.mozilla.org/en/HTTP_access_control and http://www.w3.org/TR/cors/ But maybe you should try something else, like WebID http://webid.myxwiki.org/ -- Sergiu Dumitriu http://purl.org/net/sergiu/ _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
