Different user sessions with different domain name?

i noticed if you access my site with xxx.com versus www.xxx.com
separate user sessions are created such that same visitor form the
same browser can log in twice. I am not sure if this perhaps is a DNS
issue or this can be dealt at the level of rails app.

Thanks.

Cookies are scoped according to a domain name and path, so if you’re
using
two different host names, you’re going to get two different cookies.

I would fix this on the level of your web server as it’s got nothing to
do
with Rails really. This page on the Apache wiki will give you an idea
of
what you need to do, but the solution will depend on which HTTP server
you
use.

http://wiki.apache.org/httpd/CanonicalHostNames

On Wed, Jun 1, 2011 at 6:42 PM, tashfeen.ekram
[email protected]wrote:

i noticed if you access my site with xxx.com versus www.xxx.com
separate user sessions are created such that same visitor form the
same browser can log in twice. I am not sure if this perhaps is a DNS
issue or this can be dealt at the level of rails app.

in config/initializers/session_store.rb

MyApp::Application.config.session_store :cookie_store, :key =>
‘_my_app_session’, :domain => ‘xxx.com

so any subdomain will still use the session for xxx.com

in config/initializers/session_store.rb

MyApp::Application.config.session_store :cookie_store, :key =>
‘_my_app_session’, :domain => ‘xxx.com

the solution I’ve found to work consistently is to modify as above,
but set :domain => ‘.xxx.com’

Having the leading period (.) will set a common cookie that is shared
by all subdomains. I use this technique to handle a secure subdomain
vs. a www subdomain, without creating new sessions between the two.

Kevin

OK, it’s got something to do with Rails. :slight_smile:

Thanks for the dose of knowledge, Jim.

But overall redirection from non www to www or vice versa should be done
at
least for “www” subdomain… As google bot considers www and non www as
two
different sites.

So go with Apache configs way if you want www and non www to be same.

And go with Rails cookies way, if you really have some subdomains like
app1.example.com and app2.example.com, where app1 and app2 are sharing
the
session.

On Thu, Jun 2, 2011 at 9:18 AM, jiblethead [email protected] wrote:

by all subdomains. I use this technique to handle a secure subdomain
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.


Ratnadeep Deshmane.
http://rtdptech.com

Yes, important point there. The choice to host across multiple
subdomains
should be made for a reason, not by default. If the subdomain is an
essential part of the user’s request (Google up “Basecamp style
subdomains”
if you’re not sure what I mean by this) then it’s possible that you’d
want
separate cookies for each subdomain. In the vast majority of cases
however,
the application isn’t inferring anything from the subdomain, and you’re
potentially losing PageRank.

Making the configuration at the web server will help you with both
problems,
if it is in fact a problem to have more than one subdomain, whereas the
Rails-only solution helps only with cookie management.

On Thu, Jun 2, 2011 at 9:53 AM, [email protected] <

This has been great advice. I am using nginx. (I know this is now not
a rails questions, but I figured to complete the post here so as not
to cross post). The way to to do this on nginx is as follows:

server {
listen 80;
server_name domain.com *.domain.com;
rewrite ^ http://www.domain.com$request_uri? permanent;
}

server {
listen 80;
server_name www.domain.com;

index index.html;
root /home/domain.com
}

This is taken from:

http://blog.martinfjordvald.com/2010/07/nginx-primer/

On Thu, Jun 9, 2011 at 6:16 AM, tashfeen.ekram
[email protected]wrote:

just to make sure i dunerstood this. so to optimize ranking, when
soeone types in xxx.com it should be routed to www.xxx.com at the
level of the http server?

yes, you are right.

the application isn’t inferring anything from the subdomain, and you’re

in config/initializers/session_store.rb

For more options, visit this group at
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]domain.invalid.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.


Ratnadeep Deshmane.
http://rtdptech.com

just to make sure i dunerstood this. so to optimize ranking, when
soeone types in xxx.com it should be routed to www.xxx.com at the
level of the http server?

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs