So, I turned on our SSL support (apache and mongrel all configured like they should be, forwarding the protocol header and all that).
Now, here is the problem: whenever I switch between SSL and non-SSL pages, the session gets lost, and I am issued a new session_id cookie with a different value.
After some googling, I found this line to add to my environment.rb line:
ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS.update(:session_domain => '.mydomain.com')
When I add that line, the session is *never ever* kept, and I am never actually logged in to the application. I get instant redirects back to the login page, because the session is lost.
So, what magical words do I need to put in my config files to make these sessions persistent like they should be? Is this code maybe for older version of RAILS?
