I have a couple of domains which i want to shere sessions. I have created a method like this:
The user login is done in a central place and the sessions are saved in the database.
Lets say the user A wants to go to abc.com domain. My app redirects it to the main authentication domain where he logs in. After login is generated an auth token which is saved in a field in the sessions table and it is pass back to the abc.com application.
There I use the auth_token to get the session_id from the database and to set the session_id of abc.com the same.
The problem is that it allways creates a new session.
This is my code of the abc.com
$sessionId = // get from the database using the auth_token.
/* CLOSE PREVIOUS SESSION */
session_destroy();
// sets the new id.
session_id($sessionId);
/** start new session * */
session_start();
What i am missing?. I am using php with Symfony framework. Dont know if it´s related with symfony session handling.
Ok. I solved my problem. I had to delete the old session cookie after calling session_destroy().
Here is my full code if someone is interested:
$sessionId = // get session id from the database using the auth_token
session_destroy();
$this->getResponse()->setCookie('mycookie',null,time()-3600);
session_id($sessionId);
/** start new session * */
session_start();
$this->getResponse()->setCookie('mycookie', $sessionId,null,null,'mydomain');
Thanks everyone for the help.