Forum: Ruby on Rails Sessions not persistent across http->https

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
E6f403ff9ccf6e4fe80bdefa40bb557a?d=identicon&s=25 Clever Neologism (Guest)
on 2007-03-06 23:46
(Received via mailing list)
So, I turned on our SSL support (apache and mongrel all configured
like they should be, forwarding the protocol header and all that).

Now, here is the problem: whenever I switch between SSL and non-SSL
pages, the session gets lost, and I am issued a new session_id cookie
with a different value.

After some googling, I found this line to add to my environment.rb
line:

ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS.update(:session_domain
=> '.mydomain.com')

When I add that line, the session is *never ever* kept, and I am never
actually logged in to the application.  I get instant redirects back
to the login page, because the session is lost.

So, what magical words do I need to put in my config files to make
these sessions persistent like they should be?  Is this code maybe for
older version of RAILS?
This topic is locked and can not be replied to.