Different application session depending on path

Hi,

I have a multitenant app and each tenant ‘lives’ in a subdirectory of my
app. For example:

http://www.myapp.com/tenant1
http://www.myapp.com/tenant2

The problem is that if a tenant1 user logs in he automatically gains
access
to tenant2 data, because my app is using the same session for all
tenants
path. One way to solve this issue is creating a new session depending on
the path, but I can’t figure out how to do that.

Is there any easy way to do that using Rails?

Thanks in advance,
Gustavo

On Fri, Jan 11, 2013 at 4:56 AM, Gustavo de S Carvalho H.
[email protected] wrote:

path. One way to solve this issue is creating a new session depending on the
path, but I can’t figure out how to do that.

Is there any easy way to do that using Rails?

Issue a new session after they log in?
http://guides.rubyonrails.org/security.html#session-fixation-countermeasures

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs