Sharing session between 1.2.3 and 2.3.2 apps

Rails
1

Hello,

I have an old, huge, awful 1.2.3 rails application. I can’t upgrade it
and I must integrate it with a new 2.3.2 rails app, by sharing sessions.
I’ve tried a lot of things, dirty things indeed, but that didn’t work.
Does anybody know a way to do this job?

Last thing I tried, unsuccessfully, was config 1.2.3 app this way:

ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS.update(:session_key
=> ‘_something_here’)
ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS.update(:session_id
=>
‘a0cd7a049e27f77c8ca73fd590552776e47de47e3c7a44638bd4ab8add7140c11edd892a4d9d019d643a068c88d1a30c72b544b453ccdd8774a17ac589112081c779f51834a567314b95a0cdda01fe977b16440b721f6fde71ce0130b70c5bf90d1066bdef4e5ec08dca457522b0b399cf4567603b377efb28f701fc78’)

And this in 2.3.2 app;

ActionController::Base.session = {
:key => ‘_something_here’,
:secret =>
‘a0cd7a049e27f77c8ca73fd590552776e47de47e3c7a44638bd4ab8add7140c11edd892a4d9d019d643a068c88d1a30c72b544b453ccdd8774a17ac589112081c779f51834a567314b95a0cdda01fe977b16440b721f6fde71ce0130b70c5bf90d1066bdef4e5ec08dca457522b0b399cf4567603b377efb28f701fc78’
}

Thanks in advance.

Marcia

2

Best of luck getting this to work - I don’t think the two mechanisms
are directly compatible. It may actually be less painful to set up
something like RubyCAS to do the signon.

BTW: 1.2.3 has a number of known security holes, including some issues
with possible session fixation attacks. You may want to at least try
to upgrade to a higher version in the 1.2.x series.

–Matt J.

On Jul 14, 9:06 am, Marcia A. [email protected]

3

Thanks, Matt. I’ll do that.

Matt J. wrote:

Best of luck getting this to work - I don’t think the two mechanisms
are directly compatible. It may actually be less painful to set up
something like RubyCAS to do the signon.

BTW: 1.2.3 has a number of known security holes, including some issues
with possible session fixation attacks. You may want to at least try
to upgrade to a higher version in the 1.2.x series.

–Matt J.

On Jul 14, 9:06�am, Marcia A. [email protected]