So, I turned on our SSL support (apache and mongrel all configured like they should be, forwarding the protocol header and all that). Now, here is the problem: whenever I switch between SSL and non-SSL pages, the session gets lost, and I am issued a new session_id cookie with a different value. After some googling, I found this line to add to my environment.rb line: ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS.update(:session_domain => '.mydomain.com') When I add that line, the session is *never ever* kept, and I am never actually logged in to the application. I get instant redirects back to the login page, because the session is lost. So, what magical words do I need to put in my config files to make these sessions persistent like they should be? Is this code maybe for older version of RAILS?
on 2007-03-06 23:46