Authentication cookies

I would like to know if it is possible to share Authentication cookies
between 2 url's with ruby. Does anyone know how to?

thanks

I would like to know if it is possible to share Authentication cookies
between 2 url's with ruby. Does anyone know how to?

Well for starters the contents of the authentication cookie needs to
contain something the 2 apps understand (assuming it's two different
apps), so for example just sticking user.id in the cookie won't be
enough if user ids don't match between the 2 apps.
Secondly you'll have to set the domain of the cookie appropriately.
Normally if you go to foo.bar.com you'll get a cookie valid for
foo.bar.com. Instead you need to set the domain of the cookie to
'.bar.com' which means that anything ending in bar.com will receive
your cookie

Fred

Well for starters the contents of the authentication cookie needs to
contain something the 2 apps understand (assuming it's two different
apps), so for example just sticking user.id in the cookie won't be
enough if user ids don't match between the 2 apps.
Secondly you'll have to set the domain of the cookie appropriately.
Normally if you go to foo.bar.com you'll get a cookie valid for
foo.bar.com. Instead you need to set the domain of the cookie to
'.bar.com' which means that anything ending in bar.com will receive
your cookie

Fred

I forgot to mention that the 2 URL's are completely different but they
are using the same database. I'm not sure if this is possible two write
one cookie that checks authentication for both sites. If this does not
work is there any other way I can do this?

thanks

Well for starters the contents of the authentication cookie needs to
contain something the 2 apps understand (assuming it's two different
apps), so for example just sticking user.id in the cookie won't be
enough if user ids don't match between the 2 apps.
Secondly you'll have to set the domain of the cookie appropriately.
Normally if you go to foo.bar.com you'll get a cookie valid for
foo.bar.com. Instead you need to set the domain of the cookie to
'.bar.com' which means that anything ending in bar.com will receive
your cookie

Fred

I forgot to mention that the 2 URL's are completely different but
they
are using the same database. I'm not sure if this is possible two
write
one cookie that checks authentication for both sites. If this does not
work is there any other way I can do this?

In that case you can't share a cookie. Have you considered OpenID ?

Fred

Frederick Cheung wrote:

Frederick Cheung wrote:

In that case you can't share a cookie. Have you considered OpenID ?

Fred

I'm not familiar with that what is it?

http://openid.net/

There's a rails plugin for it

Fred

Frederick Cheung wrote: