Transfer session across server in PHP

I need to transfer the user session across servers. ie. If user logged in server1 and if the user exists in server2 , then I have to transfer the user session details to server2. For this I used the following technique

From server1, redirect user to http://server2/auth_from_server1.php?sessionid=12345 On server2 (internally, in the PHP code of auth_from_server1.php), do a request to http://server1/secret/check_session_id.php with the sessionid, 12345. On server1, in the implementation of check_session_id.php, validate the ID and return OK, FAILURE, and session related data you want to pass, such as username, ... On开发者_JAVA技巧 server2, when the call returns with OK, store the transferred session data, and give the user a cookie and session for this server.

But when the call back function call the auth_from_server1.php the value in session id is null. I tryed to check the sessionid as

if(isset($_SESSION['sessionId']))
echo 'true';
else
echo 'false';

But $_SESSION['sessionId'] is null. In login page I am setting the value for session id as

$_SESSION['sessionId'] = session_id();

Thanks in advance....

Wouldnt it be easier to just store session data in a shared directory?

Alternatively you can store it in a database.

I would suggest writing a custom PHP session handler or using a prebuilt session handler like ShareDance. You can store session information in a MySQL database shared amongst the two machines, a SQLite file, etc.

There are many benefits to using PHP's built in ability to get/set session data by using session_set_save_handler() namely, that all calls to get or set from $_SESSION will work in your application code without any additional modification.

More information can be found here: http://php.net/manual/en/function.session-set-save-handler.php

A tutorial on writing custom session handlers (old but still relevant) is here: http://devzone.zend.com/article/141

When server 2 calls server1/secret/check_session_id.php it has to submit the session ID like server1/secret/check_session_id.php?sessionid=12345 and in check_session_id.php you have to call session_id($_GET['sessionid']) before session_start().

Another opportunity could be sharing the filesystem. Since PHP puts the session in the filesystem, you could share the filesystem (sshfs for example) on both servers.

the setting for changing the destination directory in the php.ini is

session.save_path

This problem can quickly get out hand when you start adding more and more severs to the problem. One of the best solutions that I have found is to store the session on a database and share that database with the servers. Redis typically works great for this. Here is a great guide to get started with redis

I think to store an id of a user in DB is the most appropriate way to do this.It is an error proof way.

Cheers