问题
The website I am building has a subdomain per user. The default domain is www.acme.com, my own page would (for example) be marcel.acme.com. Another users pages are under johndoe.acme.com. Now the following happens: - www.acme.com shows me as logged in. - marcel.acme.com shows me as logged in. - johndoe.acme.com shows me as anon.
Within my config.yml I did set
framework:
session:
cookie_domain: .acme.com
Firewall is defined for ^/ and uses both form_login (FosUserBundle) and oauth. Both have same behavior.
Login on www.acme.com does redirect to marcel.acme.com, so probably that is why both marcel and www do work, but how can I get all subdomains to work?
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
login_path: /login
check_path: /login_check
oauth:
login_path: /login
failure_path: /login
check_path: /login
use_forward: false
default_target_path: /mytracker
provider: fos_userbundle
resource_owners:
facebook: /login/check-facebook
oauth_user_provider:
service: my_user_provider
anonymous: true
logout:
path: /logout
target: /
Version of Symfony is 2.6.5
回答1:
Seems I managed to solve it. Within my config I added:
session:
cookie_lifetime: 0
save_path: %kernel.root_dir%/var/sessions
cookie_domain: .acme.com
name: SFSESSID
Furthermore I added to my security:
remember_me:
key: "%secret%"
lifetime: 31536000
path: /
domain: .acme.com
That last part should not be needed bt I want to implement remember_me functionality anyway. Thanks for thinking along, maybe someone is helped by this.
来源:https://stackoverflow.com/questions/29829537/symfony2-session-for-all-subdomains