I have a website that consists of 2 applications:
- Front end application
- Backend application
The front end has the www domain, whereas the backend has the job subdomain. For example, my front end application has the domain www.example.com/*, whereas my backend as the job.example.com/*. My front end application can locate on one server, whereas the back end can locate on another server. Or they are both stored on the same server.
The question now is whether the session variables I stored in the super global _Session ( PHP) can work across different sub domain. If I set _Sesssion['SessionID'] in www.example.com/*, can I retrieve the same _Sesssion[‘SessionID’] from job.example.com/*? Do I need to do special configuration to work?
For using the same sessions on multiple domains/servers, you have to take care of two aspects:
Storage
For different servers you could write your own session save handler that both servers can use. This could for example be a database that both have access to.
Session ID sharing
If you want to share a session ID for multiple domains (might be on the same server or different) and want to use cookies to transport the session ID, you have to modify the session ID cookie settings so that the cookie is valid for both domains. But this is only possible if both domains share the same higher level domain. For
www.example.comandjobs.example.comthat shareexample.com, the$domainparameter forsession_set_cookie_params()has to be set to.example.com.