I have more than one applications. I want to be able to share a session between them using cookie_store.
Application A:
before_filter :authenticate_from!
def authenticate_from!
unless session['warden.user.user.key'].nil?
@user=User.find_or_initialize_by_id(ky[1])
sign_in @user
end
end
It can work, but application B session can not be identified. What should I do?
This can be done, but both of these applications will need to have a common subdomain and the secret_token value in your configuration will have to be identical.
For instance, you can have app1.example.com and app2.example.com so long as the cookie is assigned to .example.com.
The options for this are stored in config/initializers/session_store.rb and config/initializers/secret_token.rb.
As a note, ensure that your secret token value is as long and random as in a default install. Don't just switch to something short and convenient.
