I’m working on single sign-on for my apps and thus want to move the
login cookie from the defaut domain to the top level domain of my
sites.
My cookie writing code is:
cookies[:login] = {:value => @user.security_token,
:domain => ‘.myown.com’,
:expires => Time.now.next_year}
What’s odd is that in development mode – I’ve not tried in production
yet. When I provide a :domain option the cookie is not written. If I
remove this line, the cookie is written as being from
‘mysite.myown.com’ just fine.
Note: I’m testing manually right now by looking at the Cookies dialog
in Firefox for the cookie. I’m also removing the session cookie to see
if the login refresh code, which looks for cookie[:login]. It fails,
so I’m pretty sure the cookie is not being written when I specify a
domain.
Am I nuts here? If this doesn’t work, then I’m jumping through a bunch
more hoops for single sign on. Ick.
thx,
–dwf