[ic] Session problem on separate SSL server

Rick Bragg lists at gmnet.net
Fri Feb 12 13:46:28 UTC 2010


On Fri, 2010-02-12 at 02:15 -0500, Rick Bragg wrote:
> On Thu, 2010-02-11 at 22:33 -0700, Jon Jensen wrote:
> > On Thu, 11 Feb 2010, Rick Bragg wrote:
> > 
> > > I have read up on this and thought I had everything right, but my
> > > sessions are not carried over between my http and https servers.
> > >
> > > http://www.snowshoesvt.com
> > > https://www.northstarsportsvt.com/snowshoesvt/
> > >
> > > In my catalog config, I have the following:
> > >  WideOpen 1
> > >  CookieDomain  __COOKIE_DOMAIN__
> > > And in my variables.txt I have:
> > > COOKIE_DOMAIN .northstarsportsvt.com .snowshoesvt.com
> > >
> > > What else am I missing?  How can I get these two domains to share a
> > > session?
> > 
> > What does the link or form look like when you're crossing the divide? It 
> > will have to have mv_session_id in the URL or the POST, because the 
> > session cookie won't cross the domains.
> > 
> > Jon
> 
> Ah, no sessionID in the URL.  I thought there was some way to cross the
> cookie...  Is there really no way? 
> 
> Rick
> 

Oh right, of course browser's won't share cookies across domains, (meany
browsers! Nobody taught then to share!)  I guess my question is this: Is
there a way to insure that the session ID is passed via the URL or POST
methods whenever the divide is crossed until the cookies are set to the
same ID in both domains?

Rick






More information about the interchange-users mailing list