Home/ Questions/Q 8129643
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-06T08:23:04+00:00

For starters, we’re using the Yii framework to create our sites and it is

  • 0

For starters, we’re using the Yii framework to create our sites and it is handling the creation of the cookies.

We have a site with many subdomains so the main site has a session cookieParams of “.sitename.com”.

Something like this:

We have www, a, and b to share the same session cookie and this works great.

However, we have one special admin subdomain that has a different user system and login mechanism, so we have a separate session cookieParam of “admin.sitename.com”.

The problem is, if someone gets a session cookie from the main site, logging into the admin site fails, because the main site’s “.sitename.com” cookie appears to be taking precedence. Deleting the cookie for the main site fixes the issue temporarily until the browser visits the main site again.

Is there any way around this, or is there a better way to set the cookies domain?

Thanks!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    After ispecting how yii accomplishes this with their gii tool I set the following in my config.php and got it working.

    <?php 

$config = array(
    ...
    'components'=>array(
        ...
        'user'=>array(
            // enable cookie-based authentication
            'allowAutoLogin'=>true,
            'class' => 'WebUser',
            // Create a custom key prefix for the user cookie
            'stateKeyPrefix'=>'customkey',
        ),
        ...
        'session' => array (
            // Provide a custom name for the session id to differentiate it 
            // from the default PHPSESSID
            // Cannot use dots in the session id :(
            'sessionName' => 'custom_session_id',
            // Keep session stored in db for use accross load balancer
            'class' => 'system.web.CDbHttpSession',
            'connectionID' => 'db',
        ),
        ...
    ),
);
    • 0