Symfony sfGuardUser single authentication on several subdomains

Question

I'm using symfony 1.4.20 with the sfGuardUser plugin. I have several subdomains that are sharing the same app.

One module of the app should serve a slightly different content according the user is logged in or not. This module should be accessed through a subdomain, say sub.domain.com. Right now, if I access this module through domain.com, this works. If I access the modules through sub.domain.com, the user is seen as not logged in even if he is.

My guess is the auth cookie used by the sfguad plugin is missing a Domain: .domain.com parameter. How can I change that? This thread 3207099 seems to indicate that it is possible.

Thanks!

Answer 1

I found the solution. Add the session_cookie_domain parameter in the factories.yml file under /apps/my_app/config like:

  storage:
    class: sfSessionStorage
    param:
      session_name: symfony
      session_cookie_domain: '.domain.localhost'

I got confused because

• I thought first that this was related to the auth cookie used by the sfGuard plugin but configuring the session cookie's Domain is enough to achieve what I want. Somebody can explain why?
• I used a one-word-only domain for local tests and setting '.domain' does not end up in the cookie's Domain. Looks like it must be at least a domain and tld like '.domain.localhost'.