Unable to share sessions between https and http

« 
Previous topic
|
Install & configuration
|
Next topic
 »
Author Message

Vincent Laemmel

Tuesday 10 May 2011 11:45:11 am

Hi,

 

I cannot share sessions between two siteaccess (http and https)

 

Here is my configuration : a single eZ Publish 4.4 instance (common database) on a linux server (Debian 5)

  • siteaccess A : https://myextranet.mydomain.com
  • siteaccess B : http://mysite.mydomain.com

(using HostMatchType=map and HostMatchMapItems in : override/site.ini.append)


Session configuration in /override/site.ini.append :
[Session]
SessionNameHandler=default
SessionNamePerSiteAccess=false

(nothing else in the specific siteaccess)

 

Use case : my user logs in the extranet (https) and switch from here to the other site (http) with an html link. This authentificated user should be connected on the site with his previous profil (sessions shared beetwen the two siteaccess).
In facts, the user is set to anonymous on the second site (and cannot see the ez publish toolbar to administrate the contents in my own case...)

 

Any information would be very helpfull ;)

 

Vincent

Marko Žmak

Wednesday 11 May 2011 12:01:49 am

What if you try to share the session between two siteaccesses both using only http? Is it working then?

--
Nothing is impossible. Not if you can imagine it!

Hubert Farnsworth

Vincent Laemmel

Wednesday 11 May 2011 1:12:17 am

Not working using http between the two siteaccess...

André R.

Wednesday 11 May 2011 1:27:00 pm

Try debugging the session cookie, 1st you seem to use different sub domain so you need to setup php.ini setting session.cookie_domain to make sure cookie can be shared. Also disable session.cookie_secure if enabled. On 4.5 and up you can control these settings from site.ini as well.

eZ Online Editor 5: http://projects.ez.no/ezoe || eZJSCore (Ajax): http://projects.ez.no/ezjscore || eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription
@: http://twitter.com/andrerom

Vincent Laemmel

Friday 13 May 2011 1:45:05 am

It works fine, thanks a lot !

 

Modifications in php.ini :

session.cookie_domain=".mydomain.com"

(session.cookie_secure=off, default value)
Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.