Rails Sessions over servers


I'd like to have some rails apps over different servers sharing the same session. I can do it within the same server but don't know if it is possible to share over different servers. Anyone already did or knows how to do it?



Depending on how your app is set up, you <em>can</em> easily share cookies from sites in the same domain (foo.domain, bar.domain, domain) by setting your apps up to use the same secret: <a href="http://www.russellquinn.com/2008/01/30/multiple-rails-applications/" rel="nofollow">http://www.russellquinn.com/2008/01/30/multiple-rails-applications/</a>

Now, if you have disparate sites, such as sdfsf.com, dsfsadfsdafdsaf.com, etc. you'll have to do a lot more tricks because the very nature of cookies restricts them to the specific domain. Essentially what you're trying to do is use cross-site scripting to, instead of hijack your session, read it from the other ones.

In that case, a combination of using the same cookie secret etc and then some cross-site scripting you can manually extract the session info and re-create it on each site (or if you use ActiveRecord session {or NFS session dir}, link up with the existing one). It's not easy, but it can be done.

Or, the low-tech way (which I've done before) is simply have the login page visit a specially crafted login page on each site that sets an app cookie on it and bounces you to the next one. It isn't pretty.


Use the <a href="https://github.com/rails/activerecord-session_store" rel="nofollow">Database Session store</a>. The short of it is this:


To generate the table, at the console, run

rake db:sessions:create

in your environment.rb, include this line

config.action_controller.session_store = :active_record_store </blockquote>


Try using database-backed sessions.


In Rails 2.0 there is now a CookieStore that stores all session data in an encrypted cookie on the client's machine.

<a href="http://izumi.plan99.net/blog/index.php/2007/11/25/rails-20-cookie-session-store-and-security/" rel="nofollow">http://izumi.plan99.net/blog/index.php/2007/11/25/rails-20-cookie-session-store-and-security/</a>


  • SignalR Client - The remote server returned an error (401 Unauthorized)
  • Liquid layout in WPF?
  • Casting and Generics, Any performance difference?
  • Why program (global) scope variables must be __constant?
  • How to convert a vector to a vector/string
  • SignalR performance
  • How to serialize a Date using AVRO in Java
  • jQuery not working properly in Laravel 5
  • Load requireJS module inline the HTML body?
  • Consume tensor-flow serving inception model using java client
  • iPhone/iPad: animated splash screen?
  • Python SKLearn: How to Get Feature Names After OneHotEncoder?
  • Where to store user uploaded files in Django
  • How do I insert a line break in an xtable caption?
  • Calling a jQuery method named in variable
  • JSF 2 OpenJPA 2 Glassfish 3.1 WEB9031 Error
  • Should I have different DTOs for Create and Update? (CRUD) [closed]
  • ProgressDialog.show inside AsyncTask stop my Program from execution
  • Mailkit Authenticate to Imap fails
  • How to access a bundled ES6 class in inline
  • Installation failed for laravel/lumen-installer: guzzlehttp/guzzle locked at 6.3.0
  • MySql tables, error #1064 & error #1068 Multiple primary key defined [closed]
  • Train two models concurrently
  • Existing data serialized as hash produces error when upgrading to Rails 5
  • Repeatable job for Laravel json api
  • MSBuild does not build solution file because of mismatching package name
  • iOS: Address Book
  • How to delete first 7 characters of folder name by using batch script?
  • Querying Elasticsearch Address Based Index
  • python socket.sendto
  • Haskell program that can handle any arbitrary deterministic finite automaton
  • SQL Server 2012 not showing unicode character in results
  • Google Spreadsheet Script to Blink a range of Cells
  • how to snap two objects in runtime in unity?
  • Another “Cannot make static reference…” Question
  • What does the “id” field in an Android “Google Play Music” broadcast intent correspond to?
  • How to mutate multiple variables without repeating codes?