使用子域在 Rails 2.3.2 应用程序中丢失会话
我有一个 2.2.3 应用程序,已升级到 2.3.2
它是一个多站点(使用子域),为所有站点创建一个顶级会话。
这就是我在 Production.rb 中更改域的方法:
ActionController::Base.session_options[:domain] = "example.com"
# in rails 2.2.2, this is what i used to do:
# ActionController::Base.session_options[:session_domain] = "example.com"
升级后,奇怪的事情开始发生 我无法再使用 Restful 身份验证登录; 它确实对我进行了身份验证,但一旦我被重定向,它就会要求我再次登录。
正如我所说,我使用restful_authentication,也使用passenger 2.1.2。 有人可以帮忙吗?
I have a 2.2.3 app which I upgraded to 2.3.2
It's a multi-site (using subdomain) that creates one top level session for all sites.
This is how I change the domain in production.rb:
ActionController::Base.session_options[:domain] = "example.com"
# in rails 2.2.2, this is what i used to do:
# ActionController::Base.session_options[:session_domain] = "example.com"
Strange things started to happen after I upgraded
I can no longer log in using restful authentication; it does authenticate me, but as soon as I'm redirected, it would ask me to log in again.
As I said, I use restful_authentication and I also use passenger 2.1.2.
Can anyone help?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(10)
Olly的答案是正确的,在rails 2.3中应该是:
我只是想补充一点,如果您还没有创建一些会话选项,那么您在使用它时可能会收到这个:
在这种情况下,您应该使用它(这会创建会话)变量而不是更新它):
编辑:显然 Rails 2.2.2 项目使用不同的东西。 “domain”应命名为“session_domain”,并去掉域前面的句点字符。 尝试这个:
Olly's answer is correct, in rails 2.3 it should be:
I just wanted to add that if you don't already have some session options created you may receive this when using that:
In that case you should use this instead (which creates the session variable instead of updating it):
Edit: apparently Rails 2.2.2 projects use something different. "domain" should be named "session_domain" and take the period character off the front of the domain. Try this:
在 Rails 2.3 中你应该使用
In Rails 2.3 you should use
更可靠的解决方案是检查会话是否已经存在。 如果您盲目地替换整个会话对象,将来可能会给您带来麻烦。
我喜欢在初始化文件中执行此操作。
A more bullet proof solution would be to check if the session already exists or not. If you are blindly replacing the whole session object it may trip you up in the future.
I like to do this in an initializer file.
只是想提一下,动态处理 cookie 的整个子域的另一种方法是动态的。 适用于 2.3.4。
环境中有这样的东西.rb
Just wanted to mention that another way to handle the whole subdomain thing for the cookies is dynamically. Works in 2.3.4.
Something like this in the environment.rb
我正在运行 Rails 2.3.5 并
在development.rb 中有它,但我无法让它工作?
您还需要做些什么吗?
I'm running Rails 2.3.5 and have
in my development.rb but I don't get it to work?
Something else you need to do?
您必须指出:(
注意前导点),以便会话 cookie应用于 example.com及其子域 。
You must indicate:
(notice the leading dot) in order for the session cookie to apply to example.com as well as its sub-domains.
我们使用 nginx + Thin 遇到了同样的问题(丢失会话,没有子域)。 迁移到 apache + Passenger(最新版本)解决了这个问题。
we had the same problem (losing sessions, without subdomain), with nginx + thin. Migrating to apache + passenger (last version) fixed the problem.
我也在运行 2.3.5 并遇到了与 @alfred-nerstu 类似的问题,
@schickm 的补丁没有错误消息,但似乎也没有解决。
I'm also running 2.3.5 and encountering similar issues to @alfred-nerstu
No error messages with the patch from @schickm but it doesn't seem to take, either.
可以将其添加到设置会话密钥和秘密的同一位置
It could be added in the same place where you set the session key and secret
我在基于 cookie 的会话中遇到了同样的问题。 升级到 Passenger 2.1.3 似乎解决了这个问题。
I had the same problem with cookie-based sessions. Upgrading to Passenger 2.1.3 seemed to fix the issue.