CakePHP将会话从主域保持到子域 [英] CakePHP keep session from main domain across to a subdomain

问题描述

我正在与Cakephp合作，我有一个问题维护会话跨子域。我的问题如下：

• 用户登录'localhost / login'

目前Cake正在为每个域创建一个cookie，即localhost和customer.localhost。
这意味着我不能保持会话为用户工作。有没有办法使所有的cookies域固定到父域，目的是保持会话跨子域工作？

我已经尝试在我的引导输入这个，但它没有效果：
ini_set（'session.cookie_domain'，'.localhost'）;

如果你认为这不能完成，请随时让我

kSeudo

非常感谢，

解决方案

会话：

对于所有子域和顶级域都有效，实际上需要在 APP / config / bootstrap.php 文件中自行设置：

  ini_set（'session.cookie_domain'，'.domain.com'）; 
  

然后，在 APP / config / core.php file，将安全性设置为低：

 配置:: write（'Security.level'，'low'）; 
  

否则referer_check将被设置为$ b中的当前HTTP_HOST $ b CakeSession对象行441。

---

---

$ b b

Cookie ：

在此页，它解释了您可以使用domain变量：

允许访问cookie的域名。
例如使用'.yourdomain.com'可以允许所有子域名访问。

 <？php 
 public $ components = array（'Cookie'）; 
 public function beforeFilter（）{
 parent :: beforeFilter（）; 
 $ this-> Cookie-> name ='baker_id'; 
 $ this-> Cookie-> time = 3600; //或'1小时'
 $ this-> Cookie-> path ='/ bakers / preferences /'; 
 $ this-> Cookie-> domain ='example.com'; 
 $ this-> Cookie-> secure = true; //即仅在使用安全HTTPS时发送
 $ this-> Cookie-> key ='qSI232qs *& sXOw！'; 
 $ this-> Cookie-> httpOnly = true; 
} 
  

I am working with Cakephp and I have an issue maintaining session across subdomains. My problem is as follows:

• Users login on 'localhost/login'
• If authenticated they are redirected to 'customer.localhost/home'.

Currently Cake is creating a cookie for each domain ie localhost and customer.localhost. This means that I cannot keep the session working for the user. Is there a way to make all cookies domain fixed to the parent domain with the goal of keeping the session working across subdomains?

I have tried entering this in my bootstrap but it has no effect: ini_set('session.cookie_domain', '.localhost');

If you think this cannot be done please feel free to let me know so that I can move on from this frustrating problem.

Many thanks,

kSeudo

解决方案

Sessions:

To make the session cookie valid for all your subdomains and the top level domain, you actually need to set it yourself in your APP/config/bootstrap.php file:

ini_set('session.cookie_domain', '.domain.com');

Then, in your APP/config/core.php file, set Security to low:

Configure::write('Security.level', 'low');

"otherwise the referer_check will be set to the current HTTP_HOST in the CakeSession object line 441."

---

---

Cookies:

On this page it explains that you can use the 'domain' variable:

The domain name allowed to access the cookie. e.g. Use ‘.yourdomain.com’ to allow access from all your subdomains.

Per their example code:

<?php
public $components = array('Cookie');
public function beforeFilter() {
    parent::beforeFilter();
    $this->Cookie->name = 'baker_id';
    $this->Cookie->time =  3600;  // or '1 hour'
    $this->Cookie->path = '/bakers/preferences/';
    $this->Cookie->domain = 'example.com';
    $this->Cookie->secure = true;  // i.e. only sent if using secure HTTPS
    $this->Cookie->key = 'qSI232qs*&sXOw!';
    $this->Cookie->httpOnly = true;
}

这篇关于CakePHP将会话从主域保持到子域的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！