[TYPO3-dev] Weird cookie problem with FE login (wrong host) [UNDERSTOOD]
Xavier Perseguers
typo3 at perseguers.ch
Fri Dec 5 09:06:21 CET 2008
Hi,
>> There is a setting in install tool where you can set domain for login
>> cookies. Set it to ".example.com" (note the first dot).
>
> Yes, I thought it was only for BE login.
>
> I just changed this setting and now it seems to work. Thanks Dmitry. The
> session cookie is initialized once I enter the login form (before
> actually logging in).
>
> In my case I have the default domain which is cms.domain.tld and the
> different mount points with <something>.domain.tld, thus indicating
> .domain.tld in install tool for session cookie is just OK and for me it
> is ok.
>
> But I should investigate a bit more to see whether it works if I had
> another domain such as myotherdomain.tld.
I found reading class.t3lib_userauth.php that if I specify
$TYPO3_CONF_VARS['SYS']['cookieDomain'] = '/';
instead of '.domain.tld' for instance, the cookie will be set for the
current domain. Meaning that I may have www.domain.com and www.domain.fr
in the same tree and both will work with frontend session.
However, as the cookieDomain setting is globally defined and not part of
the domain record for instance, or from TS, it is not possible to have
this strange-but-I-would-like-to-have-it configuration where the main
TYPO3 install is run from www.my-cms-system.tld but all subwebsites
served from this install run on <some-name>.domain.com and I wished I
could share the session among all my *.domain.com websites.
If I were able to specify the cookieDomain as part of the domain record
I must create for each website, then it would fit the bill with
".domain.com" as cookie domain for each domain.
It would be time to provide a patch for this as 4.3 is not yet out :-)
--
Xavier Perseguers
http://xavier.perseguers.ch/en/tutorials/typo3.html
More information about the TYPO3-dev
mailing list