php - Session sharing between two CodeIgniter Applications

Question

I have 2 codeigniter installs running on the same server.

the first app is : localhost/aa/index.php

second app is : localhost/aa/invoice/index.php

The second app is in the first app folder. In the live environment, they will be on the same domain. I am trying to get a single sign-on to work -- so, if i have userdata set in the aa application I should be able to verify it in the invoice folder also.

Is there a way to share the sessions.

As the folders will always be on the same domain, I am open to working with sessions outside the ci library(only php) also.

Edit : They show the same session id when they don't have any data. The moment I add some variables on one application, the other goes out of sync.

Also I have sessions being stored in the database(both applications share the same database.)

Please suggest.

Thanks! : )

Answer 1

Codeigniter for some reason rolls its own session implementation rather than native PHP sessions.

http://codeigniter.com/user_guide/libraries/sessions.html

You get a choice of using:

1. cookie storage (not ideal, small storage size, sensitive data in a cookie?).
2. database sessions (persisted using session id cookie).
3. Override and roll your own (to use native php sessions!)

Obviously you need to make sure your session identifier is configured correctly so both apps can read from the same session data. If using the database implementation, you need to make sure both apps can access the same DB.

To add to the complexity, if you choose to encrypt sessions, the salt used by the encryption class will also need to be the same in both apps, so either one is able to decrypt the shared session data.