search

benlucchesi / grails-cookie-session

cookie sessions for grails applications
28 stars 32 forks source link

Across two domains #66

Closed tmcgrath closed 8 years ago

tmcgrath commented 8 years ago

If a user successfully logins to a site www.test.com and then is redirected to www2.test.com (which is the same web app), will the sessions be different? Know what I mean?

I'd like the sessions to be the same, so a user can authenticate and then be redirected back to same site with a site id; www2.

This is like sticky sessions and I know bad things will happen if www2 goes down, but it doesn't seem possible with this plugin. Or is it just me? My config below

grails:
    plugin:
        cookiesession:
          enabled: true
          cryptoalgorithm: "Blowfish"
          secret: "sdfasflasdf"
          cookiecount: 10
          maxcookiesize: 2048  # 2kb
          sessiontimeout: 3600 # one hour
          cookiename: 'gsession'
          condenseexceptions: false
          path: '/'
          domain: 'test.com'
benlucchesi commented 8 years ago

Hey Todd,

If I understand correctly, you want to share sessions between two hosts under the same domain name - test.com. This is possible with the cookie-session plugin.

You need to make sure that the both applications have the exact same cookiesession configs and that the domain setting is set to just the domain portion: "test.com". It looks like you have the config setup correctly to accomplish this.

When you say that its the "same application" are you saying that its the same physical instance of the app, or are you running two instances of the app and redirecting from one instance to the other?

If its not working, can you crank up logging on the www2 to see what's happening with the session when it tries to decrypt the session? Also, check from the browser side to make sure the cookie is actually being sent to the server.

On Tue, May 31, 2016 at 10:11 AM, Todd McGrath notifications@github.com wrote:

If a user successfully logins to a site www.test.com and then is redirected to www2.test.com (which is the same web app), will the sessions be different? Know what I mean?

I'd like the sessions to be the same, so a user can authenticate and then be redirected back to same site with a site id; www2.

This is like sticky sessions and I know bad things will happen if www2 goes down, but it doesn't seem possible with this plugin. Or is it just me? My config below

grails: plugin: cookiesession: enabled: true cryptoalgorithm: "Blowfish" secret: "sdfasflasdf" cookiecount: 10 maxcookiesize: 2048 # 2kb sessiontimeout: 3600 # one hour cookiename: 'gsession' condenseexceptions: false path: '/' domain: 'test.com'

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/benlucchesi/grails-cookie-session/issues/66, or mute the thread https://github.com/notifications/unsubscribe/AAwojAXRMzFRWebqGWtYbYO0C2_Rzjrkks5qHGu5gaJpZM4IqwOy .

tmcgrath commented 8 years ago

It looks like it was me. I needed to clear my cookies for test.com. Thanks for fast response!

tmcgrath commented 8 years ago

But, I did change domain from 'test.com' to '.test.com'