CakePHP的会话保持与主域跨越到一个子域 [英] CakePHP keep session from main domain across to a subdomain
问题描述
我与CakePHP的工作,我有一个问题在跨子域维护会话。我的问题是:
- 用户登录上本地主机/登录
- 如果验证他们被重定向到customer.localhost /家。
目前蛋糕正在为每个域,即本地主机和customer.localhost的cookie。
这意味着,我不能保持会话的用户的工作。有没有一种方法,使固定在父域在保持该会话跨子域工作的目标,所有Cookie域?
我在尝试引导进入这一点,但没有任何效果:
的ini_set('session.cookie_domain','.localhost');
如果你认为这不能做,请随时让我知道,这样我可以从这个令人沮丧的问题移动。
非常感谢,
kSeudo
会话:
为了使会话cookie有效期为所有子域名和顶级域名,你实际上需要自己设置它在你的 APP /配置/ bootstrap.php中
文件:
的ini_set('session.cookie_domain','.domain.com');
然后,在你的 APP /配置/ core.php中
文件,设置安全性低:
配置::写(Security.level','低');
否则referer_check将被设置为当前HTTP_HOST在
该CakeSession对象行441。
块引用>饼干:
在此页面它说明了可以使用'域'变量:
允许访问cookie中的域名。
例如使用'.yourdomain.com允许所有的子域的访问。
块引用>每他们为榜样code:
< PHP
公共$组件=阵列('曲奇');
公共职能beforeFilter(){
父:: beforeFilter();
$这个 - > Cookie->名称='baker_id';
$这个 - > Cookie->时间= 3600; //或'1小时的
$这个 - > Cookie-> PATH =/面包/ preferences /';
$这个 - > Cookie->域='example.com';
$这个 - > Cookie->安全=真; //即如果使用安全的HTTPS只派
$这个 - > Cookie->关键='qSI232qs *放大器; sXOw!';
$这个 - > Cookie->的HttpOnly = TRUE;
}I am working with Cakephp and I have an issue maintaining session across subdomains. My problem is as follows:
- Users login on 'localhost/login'
- If authenticated they are redirected to 'customer.localhost/home'.
Currently Cake is creating a cookie for each domain ie localhost and customer.localhost. This means that I cannot keep the session working for the user. Is there a way to make all cookies domain fixed to the parent domain with the goal of keeping the session working across subdomains?
I have tried entering this in my bootstrap but it has no effect: ini_set('session.cookie_domain', '.localhost');
If you think this cannot be done please feel free to let me know so that I can move on from this frustrating problem.
Many thanks,
kSeudo
解决方案Sessions:
To make the session cookie valid for all your subdomains and the top level domain, you actually need to set it yourself in your
APP/config/bootstrap.php
file:ini_set('session.cookie_domain', '.domain.com');
Then, in your
APP/config/core.php
file, set Security to low:Configure::write('Security.level', 'low');
"otherwise the referer_check will be set to the current HTTP_HOST in the CakeSession object line 441."
Cookies:
On this page it explains that you can use the 'domain' variable:
The domain name allowed to access the cookie. e.g. Use ‘.yourdomain.com’ to allow access from all your subdomains.
Per their example code:
<?php public $components = array('Cookie'); public function beforeFilter() { parent::beforeFilter(); $this->Cookie->name = 'baker_id'; $this->Cookie->time = 3600; // or '1 hour' $this->Cookie->path = '/bakers/preferences/'; $this->Cookie->domain = 'example.com'; $this->Cookie->secure = true; // i.e. only sent if using secure HTTPS $this->Cookie->key = 'qSI232qs*&sXOw!'; $this->Cookie->httpOnly = true; }
这篇关于CakePHP的会话保持与主域跨越到一个子域的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!