Vixiom Axioms

Ensure that rails sessions remain valid over subdomains and https

If you’re using Active Record Store for your sessions (keeping sessions in a database) you may ‘lose’ your sessions when jumping to a subdomain or to a https connection (in my case it was the latter).

Here’s how to make sure your sessions don’t go walk about.

Add this line to your ‘config/environments/production.rb’ file

ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS.update(:session_domain => ‘.mydomain.com’)

obviously replacing ‘mydomain.com’ for the domain in question.

This entry was posted on Tuesday, October 24th, 2006 at 11:43 am and is filed under Ruby on Rails. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

6 Responses to “Ensure that rails sessions remain valid over subdomains and https”

Sandro Says:
June 6th, 2007 at 8:26 am
You definitively save my life :D
artifactory Says:
July 5th, 2007 at 2:04 pm
Ditto - saved me some serious time. kudos.
Jason Says:
April 7th, 2008 at 7:47 am
Very much thank yous sire.
rndrfero Says:
May 5th, 2008 at 5:13 am
FOR ME (rails 2.0.2) THIS DID NOT WORK !!!!

instead of it works following line:

ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:session_domain] = ‘.mydomain.com’
Alastair Says:
May 5th, 2008 at 6:21 am
THIS POST IS TWO YEARS OLD!!! BUT THANKS FOR THE UPDATE AND THE CAPS!!!
Jeff Says:
May 30th, 2008 at 5:28 am
I HAVE RAILS 2.0.2

ADDING ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:session_domain] = ‘.mydomain.com’
gives me an authenticity error

are u suure it’s right?

Ensure that rails sessions remain valid over subdomains and https

6 Responses to “Ensure that rails sessions remain valid over subdomains and https”

Leave a Reply