I'm working on single sign-on for my apps and thus want to move the login cookie from the defaut domain to the top level domain of my sites.
My cookie writing code is:
cookies[:login] = {:value => @user.security_token, :domain => '.myown.com', :expires => Time.now.next_year}
What's odd is that in development mode -- I've not tried in production yet. When I provide a :domain option the cookie is not written. If I remove this line, the cookie is written as being from 'mysite.myown.com' just fine.
Note: I'm testing manually right now by looking at the Cookies dialog in Firefox for the cookie. I'm also removing the session cookie to see if the login refresh code, which looks for cookie[:login]. It fails, so I'm pretty sure the cookie is not being written when I specify a domain.
Am I nuts here? If this doesn't work, then I'm jumping through a bunch more hoops for single sign on. Ick.
thx, --dwf