CODEWITHSUNDEEP
phpsessionsession-cookiessetcookie
Kuf
Kuf

Reputation: 17828

PHP sessions in redis ignores session.cookie_domain configuration

I have a couple of subdomains that share the same sessions. I used to have a single server, and i had the following the the php.ini to allow keeping same cookie for all subdomains:

session.cookie_domain = ".mydomain.com"

using this configuration makes the server return the following set-cookie:

Set-Cookie: PHPSESSID=aumsloucmjspvs1mbvromqq1b5; path=/; domain=.mydomain.com

Now that I have few servers, I wanted to use Redis to to share the sessions between all servers. I set up the server and added the following to php.ini:

session.save_handler = redis
session.save_path = tcp://192.1.1.1:6379?auth=noauth

The sessions are saved successfully on the server, but the set-cookie returned is incorrect:

Set-Cookie: PHPSESSID=cec074e4d961ff6c800c21b7466c7d5a; path=/

So on the next call the client to a different subdomain it doesn't send the cookie he got from the first subdomain.

I'm using PHP 5.3.18, redis 2.2.5, in sessions in phpinfo():

Directive               Local Value  Master Value
session.auto_start      Off          Off
session.bug_compat_42   Off          Off
session.bug_compat_warn Off          Off
session.cache_expire    180          180
session.cache_limiter   nocache      nocache
session.cookie_domain   .example.com     .example.com
session.cookie_httponly Off          Off
session.cookie_lifetime 0            0
session.cookie_path     /            /
session.cookie_secure   Off          Off
session.entropy_file    no value     no value
session.entropy_length  0            0
session.gc_divisor      1000         1000
session.gc_maxlifetime  43200        43200
session.gc_probability  1            1
session.hash_bits_per_character 5    5
session.hash_function   0            0
session.name            PHPSESSID   PHPSESSID
session.referer_check   no value    no value
session.save_handler    files       files
session.save_path   /var/lib/php/session       /var/lib/php/session
session.serialize_handler   php php
session.use_cookies On  On
session.use_only_cookies    On  On
session.use_trans_sid   0   0

Any idea how can i force the server to send the proper set-cookie?

Upvotes: 1

Views: 1738

Answers (2)

Alexandre
Alexandre

Reputation: 1

To set session name as Redis prefix have resolve the problem for me :

session_name('PHPREDIS_SESSION');

Upvotes: 0

Kuf
Kuf

Reputation: 17828

Following a tip I got from a friend, I moved the same configurations to /etc/httpd/conf.d/php.conf and for some unknown reason it started working!

If anyone here understands the reason it helped I would love to hear it, and I hope this will help others with the same issue.

Upvotes: 1

Related Questions