Access subdomain session from main domain

Question

I have an application in mydomain.com. I want user will be redirected to example.mydomain.com when login to mydomain.com, however session successfully generating in a directory at example.mydomain.com. Now my problem is after submit login, users are not able to login example.mydomain.com. Although there are session files are available.

Session driver is file (mydoman.com config file)

$config['sess_driver'] = 'files';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 0;
$config['sess_save_path'] = 'mydir/application/session_data';
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 0;
$config['sess_regenerate_destroy'] = FALSE;

My application working fine in local server. But not working in production.

Answer 1

You should have this in login action :

session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $rootDomain, $secure, $httponly) or something similar.

The point is how to set the $rootDomain. For example you have example.com as the main domain. And what you have to do is :

1. set it to example.com if cookies only used in main domain.
2. set it to .example.com (with dot) to make cookies visible on all subdomains.

Now about session_name() of main and sub domain :

1. If they are different, session created from main domain is visible for sub domain, but not vice versa. Logout only can be done from main domain but not from sub domain.

2. If they are same, session created from main domain is visible for sub domain and vice versa. Logout can be done from main or sub domain.

Answer 2

You also have to set the cookie_domain and cookie prefix in your config file like this

$config['cookie_prefix'] = "mydomain_";
$config['cookie_domain'] = ".mydomain.com";
$config['cookie_path'] = "/";
$config['cookie_secure'] = FALSE;