Feb 29, 2008
Generic-user-small Morten Chris... 1 post

Topic: Advanced Rails Recipes / Sessions won't persist after setting session_domain

I have the same problem. Giving users a custom SUB-domain works but I can’t get the fully custom domain feature to work. No sessions are started so it appears to be a cookie problem. I have tried not using localhost as the reader on this thread suggests but to no avail.

Besides I have a number of issues with this recipe.
1) It is unclear what to do with “ActionController::Base.session_options[:session_domain]” to support both custom SUB-domains and fully customized domains. First he states to use it for SUB-domains and then not to use it for domains. What do do when using both ?

2) What exactly does this mean at the end “It’s also not wise to allow people to register domains under the main name of your app.”.... Does this mean that the custom subdomain feature is not really something that is adviced after all?

3) There are problems with this recipe and SSL. As far as I can see the fully custom domain feature that the author writes about would never be fully usable with any single SSL certificate so forget about using this feature for a secure site….My current thinking is that a controlled redirect from the custom domain to the custom SUB-domain + a SLL wildcard would be the only think that would actually work for a secure site (this is also how google apps works).... Am I wrong?

Sincerely,
Morten Christensen

1 post