CakePHP session sharing between two apps, on the same domain


I am having two CakePHP application working on the same domain.

They are located at localhost:8080/wishlist and localhost:8080/lighthouse.

"Wishlist" and "lighthouse" are each separate CakePHP applications.

The login page is at localhost:8080/lighthouse, and I want the session generated by the lighthouse application to be used in the wishlist application.

The directory structure is

/htdocs /wishlist /app /config .... /lighthouse /app /config ....

I have edited the core.php file for each application. I am using the same session cookie name and the same security sale but I am not able to get the session on the wishlist application.

How can I share a session in between my two applications?


Firstly, install <a href="http://www.getfirefox.com" rel="nofollow noreferrer">Firefox</a>, <a href="http://getfirebug.com" rel="nofollow noreferrer">Firebug</a> and <a href="http://www.softwareishard.com/blog/firecookie/" rel="nofollow">Firecookie</a>. This will add a 'Cookies' tab to Firebug making it simple to inspect your cookies.

Cookies consist of multiple parts: name, value, domain, path, expires, etc. You are most interested in the 'path' part of the cookie here I believe.

By default CakePHP will restrict the path of each cookie to the subdirectory of your app. For example, when you visit /wishlist, a cookie will be created but it will be restricted to the /wishlist subdirectory. When you then go to /lighthouse the previous cookie won't apply, so thinking that you have no cookie/session, a new one is created that is restricted to the /lighthouse subdirectory.

You need to change the path of created cookies to / so they persist across all subdirectories. This should be as easy as adding ini_set('session.cookie_path', '/'); to both application's app/config/bootstrap.php files.


You should look at developing each one as a plugin or developing them in the same app. I am not sure why you would want to develop two seperate apps when they are sharing a login screen.


  • How do you submit a rails 3 form without refreshing the page?
  • Using nativescript converters
  • Creating an array of products in JSON-LD
  • fetch all links under/in a specific class-selenium webdriver (java)
  • Java catching exceptions and subclases
  • Do stored procedures have the ability to delete a file from the OS?
  • IIS7 Application Request Routing HTTPS
  • something very wrong with SESSIONS
  • send data back from jsp iterator to struts action class
  • Allocating a 2D contiguous array within a function
  • HttpListener.IsSupported is false on XP SP3
  • Sending cookie value via httpget but not getting the desired response
  • Enabling DTD support in Sql Server
  • GAE: Way to get reference to an HttpSession from its ID?
  • Angular2 component view does not update on value change via method
  • CakePHP ACL tutorial initDB function warnings
  • Does Mobilefirst provide a provision to access web services directly?
  • req.body is undefined - nodejs
  • Symfony2: How to get request parameter
  • Upload files with Ajax and Jquery
  • Do I've to free mysql result after storing it?
  • Akka Routing: Reply's send to router ends up as dead letters
  • 0x202A in filename: Why?
  • Invalid access key error using credentials redeemed from an amazon open id token
  • Circular dependency while pushing http interceptor
  • Run Powershell script from inside other Powershell script with dynamic redirection to file
  • Is there a mandatory requirement to switch app.yaml?
  • SetUp method failed while running tests from teamcity
  • A cron job substitute?
  • InvalidAuthenticityToken between subdomains when logging in with Rails app
  • json Serialization in asp
  • Load html files in TinyMce
  • How can I get HTML syntax highlighting in my editor for CakePHP?
  • JTable with a ScrollPane misbehaving
  • Angular 2 constructor injection vs direct access
  • Understanding cpu registers
  • coudnt use logback because of log4j
  • Java static initializers and reflection
  • Android Google Maps API OnLocationChanged only called once
  • UserPrincipal.Current returns apppool on IIS