开发者

how to restrict session in a particular domain?

I have a web application that's deployed at http://myserver/app1, I've also got another instance of the application that's accessed at h开发者_StackOverflow社区ttp://myserver/app2.

Basically, when I log into app1, I am also logged into app2as. Obviously each instance of the application is identical.

What would be the best way of restricting each instance of the application to be unique and completely independent, so authorization and authentication was applied on each instance individually?


You could change the name that the cookie uses for the second app. If it's using $_SESSION just use session_name(). You're going to need to run that before anything else.


You could use a different session name, but it would be more appropriate to change the domain or path on the session cookie using session_set_cookie_params()

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜