Why can't I pass user sessions between subdomains?

Question

First of all, I have used ALL of the suggested methods in this SO article: Allow php sessions to carry over to subdomains

For your convenience, here are the tips I already followed:

Here are 3 options.

Place this in your php.ini:

session.cookie_domain = ".example.com"

In your .htaccess:

php_value session.cookie_domain .example.com

As the first thing in your script:

ini_set('session.cookie_domain','.example.com' );

I have 9 subdomains (losangeles.mysite.com, sandiego.mysite.com, etc), and I would like users to be able to stay signed in between them. As of now, however, the server is treating each subdomain as a fully contained site with separate sessions.

Is there anything else I can do? Or how can I troubleshoot this?

Answer 1

I suspect the cookies are being set for .foo.example.com instead of .example.com. Try installing the Live HTTP Headers add-on for Firefox and checking what the cookies are getting set as.

To do this, open Live HTTP Headers and with the window open, go to the page that sets the cookie. In the window, there should be a line that looks like this.

Set-Cookie: lng=en-US; path=/; domain=.example.com;

If the cookie is set for domain=.foo.example.com; then you know what the problem is. However, if the domain is .example.com, something else is going on.

Also, if the cookies are getting set for .example.com on foo.example.com, check to see if the browser is sending cookies to bar.example.com. This should help track down where the problem is.