Rails Cookie Settings for Cross-Subdomain Sessions

For the past day, I’ve been tracking down a hair-pulling-ly frustrating bug in Rails (with Authlogic on Passenger).

My sessions weren’t sticking in production

Cross-domain or otherwise (doubly frustrating because a) Authlogic has been so rock solid for me otherwise, b) worked as expected in development).

Turns out, I wasn’t setting the session domain correctly in environments/production.rb.

config.action_controller.session[:domain] = '.YOURDOMAIN.COM'

Note the dot (it’s there for subdomains). Oh, and be sure to correctly spell your domain name…or sessions won’t work at all. 😉
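To make the effect of the domain setting concrete, here is an added example (not code from the original post) that models the browser's cookie domain matching from RFC 6265 in Ruby. The hostnames are constructed samples, and the public-suffix check that real browsers also apply is left out. It shows that a cookie without a Domain attribute stays on the host that set it, that a domain-wide cookie is sent to every subdomain, and that a misspelled domain is rejected by the browser outright.

```ruby
require 'ipaddr'

# RFC 6265 5.2.3: the Domain attribute is lowercased and a leading dot is ignored.
def normalize_cookie_domain(domain)
  domain.to_s.downcase.sub(/\A\./, '')
end

def ip_literal?(host)
  IPAddr.new(host)
  true
rescue IPAddr::Error
  false
end

# RFC 6265 5.1.3: a host matches when it equals the domain, or ends with
# "." + domain and is not an IP address.
def domain_match?(host, cookie_domain)
  host = host.downcase
  domain = normalize_cookie_domain(cookie_domain)
  return true if host == domain
  host.end_with?(".#{domain}") && !ip_literal?(host)
end

# Does the browser keep a cookie set by request_host? nil = no Domain
# attribute (host-only cookie). A Domain the host does not match is rejected.
def browser_stores?(request_host, cookie_domain)
  cookie_domain.nil? || domain_match?(request_host, cookie_domain)
end

# Is that cookie sent on a later request to target_host?
def browser_sends?(set_by_host, cookie_domain, target_host)
  return false unless browser_stores?(set_by_host, cookie_domain)
  return target_host.casecmp?(set_by_host) if cookie_domain.nil?
  domain_match?(target_host, cookie_domain)
end

# Constructed sample hosts and settings; the cookie is always set by www.example.com.
[[nil, 'app.example.com'], ['.example.com', 'app.example.com'],
 ['.example.com', 'badexample.com'], ['.exmaple.com', 'www.example.com']].each do |domain, target|
  sent = browser_sends?('www.example.com', domain, target)
  puts format('Domain=%-14s -> %-16s sent=%s', domain.inspect, target, sent)
end
```

Because a domain-wide session cookie reaches every host under that domain, each subdomain that receives it has to be trusted with the session.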

3 comments

  1. Newer versions of Rails (I’m guessing >= 2.3.4) need to do this instead:

    config.action_controller.session = { :domain => '.YOURDOMAIN.COM' }

  2. In Rails 3.1, just navigate to file session_store.rb in your project’s config/initializers directory and issue:

    YourApp::Application.config.session_store :cookie_store, :key => '_your_app_session', :domain => :all

    I spent a while figuring this out – partly because I was issuing the correct parameter in the wrong place (application.rb instead of session_store.rb).
