[ic] Session problem on separate SSL server
Rick Bragg
lists at gmnet.net
Fri Feb 12 15:35:33 UTC 2010
On Fri, 2010-02-12 at 08:46 -0500, Rick Bragg wrote:
> On Fri, 2010-02-12 at 02:15 -0500, Rick Bragg wrote:
> > On Thu, 2010-02-11 at 22:33 -0700, Jon Jensen wrote:
> > > On Thu, 11 Feb 2010, Rick Bragg wrote:
> > >
> > > > I have read up on this and thought I had everything right, but my
> > > > sessions are not carried over between my http and https servers.
> > > >
> > > > http://www.snowshoesvt.com
> > > > https://www.northstarsportsvt.com/snowshoesvt/
> > > >
> > > > In my catalog config, I have the following:
> > > > WideOpen 1
> > > > CookieDomain __COOKIE_DOMAIN__
> > > > And in my variables.txt I have:
> > > > COOKIE_DOMAIN .northstarsportsvt.com .snowshoesvt.com
> > > >
> > > > What else am I missing? How can I get these two domains to share a
> > > > session?
> > >
> > > What does the link or form look like when you're crossing the divide? It
> > > will have to have mv_session_id in the URL or the POST, because the
> > > session cookie won't cross the domains.
> > >
> > > Jon
> >
> > Ah, no sessionID in the URL. I thought there was some way to cross the
> > cookie... Is there really no way?
> >
> > Rick
> >
>
> Oh right, of course browser's won't share cookies across domains, (meany
> browsers! Nobody taught then to share!) I guess my question is this: Is
> there a way to insure that the session ID is passed via the URL or POST
> methods whenever the divide is crossed until the cookies are set to the
> same ID in both domains?
>
> Rick
Actually, I am not going to do it this way as it is just bad practice
anyway... I will just re-direct for now, and eventually just use
different sub-domains for this.
Rick
More information about the interchange-users
mailing list