I wanted to do the following on my site:
http://www.cadechristian.com and https://secure.cadechristian.com
I ran in to the problem that the cookie was not valid on BOTH domains and I search for the longest time before I found this solution.
What I found was to put this in the environmnet.rb file: (I'm on rails 2.1)
config.action_controller.session = {
:session_domain => '.cadechristian.com',
:session_key => 'xxxxxxxxxxxxxxxxxxx',
:secret => 'xxxxxxxxxxxxxxxxxxx'
}
I had some issues testing this on my local development environment since I was using just cadechristian as the hostname. The cookie host NEEDS to have the . and then a domainname.com. (minimum two levels)
.something.local is valid but .something is not.. The first DOT is very important for it to work.
Now I installed the ssl_requirement plugin and hardcoded the code where it does the redirect to SSL_HOSTNAME and NONE_SSL_HOSTNAME which I set in my development.rb/production.rb...
Works great....
No comments:
Post a Comment