[ic] Session problem on separate SSL server

Rick Bragg lists at gmnet.net
Fri Feb 12 15:35:33 UTC 2010


On Fri, 2010-02-12 at 08:46 -0500, Rick Bragg wrote:
> On Fri, 2010-02-12 at 02:15 -0500, Rick Bragg wrote:
> > On Thu, 2010-02-11 at 22:33 -0700, Jon Jensen wrote:
> > > On Thu, 11 Feb 2010, Rick Bragg wrote:
> > > 
> > > > I have read up on this and thought I had everything right, but my
> > > > sessions are not carried over between my http and https servers.
> > > >
> > > > http://www.snowshoesvt.com
> > > > https://www.northstarsportsvt.com/snowshoesvt/
> > > >
> > > > In my catalog config, I have the following:
> > > >  WideOpen 1
> > > >  CookieDomain  __COOKIE_DOMAIN__
> > > > And in my variables.txt I have:
> > > > COOKIE_DOMAIN .northstarsportsvt.com .snowshoesvt.com
> > > >
> > > > What else am I missing?  How can I get these two domains to share a
> > > > session?
> > > 
> > > What does the link or form look like when you're crossing the divide? It 
> > > will have to have mv_session_id in the URL or the POST, because the 
> > > session cookie won't cross the domains.
> > > 
> > > Jon
> > 
> > Ah, no sessionID in the URL.  I thought there was some way to cross the
> > cookie...  Is there really no way? 
> > 
> > Rick
> > 
> 
> Oh right, of course browser's won't share cookies across domains, (meany
> browsers! Nobody taught then to share!)  I guess my question is this: Is
> there a way to insure that the session ID is passed via the URL or POST
> methods whenever the divide is crossed until the cookies are set to the
> same ID in both domains?
> 
> Rick

Actually, I am not going to do it this way as it is just bad practice
anyway...  I will just re-direct for now, and eventually just use
different sub-domains for this.

Rick 






More information about the interchange-users mailing list