Session data transfer between Apache virtual hosts

Question

Session data transfer between Apache virtual hosts

How to transfer PHP session data from one Apache virtual host to another? I am currently running Apache 2.2.17 and PHP 5.3.3, and I have configured one host to manage one input application, and I need to transfer this to two other virtual hosts that are running separate applications. This is what I intend to develop further, but now transferring session data will be the easiest.

Currently, this code creates the first session in the SSO subdomain auth.domain.com, and then passes the user back to the app.domain.com application interface (was trimmed):

  $user = new User;
  $user->set_user_session();
  Header("Location: $redirectURL");
  exit;

The server is fully managed confidentially, so multi-user security is not a concern. However, if anyone sees any security issues that go beyond this, please let me know. If you know the best methodology, share it, and I will explore it further. I appreciate the help.

+5

php apache session-variables

crockpotveggies May 12, '11 at 1:43

source share

2 answers

( ), cookie , .

session_set_cookie_params(0, '', '.domain.com');

my.domain.com your.domain.com cookie .domain.com

redis storage . ( )

, VMS.

0

Artistan 21 . '17 17:36

Femi · Accepted Answer · 2011-05-12T01:56:38+0000

To my knowledge, PHP sessions are not (by default) knowledge of the virtual host: you need to pass the session identifier as part of the redirect, and then set it on another virtual host. So something like:

$sessionid = session_id();
Header("Location: $redirectURL?session=$sessionid");
exit;

And then to the redirect target:

session_id($_GET['session']);
session_start();

Try it and let me know how it works.

Session data transfer between Apache virtual hosts

More articles: