symfony 1.4 session without using cookies
https://stackoverflow.com/questions/8106687
-
27-02-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have a Symfony application which use a mysql database to store session data, and uses the SfGuard plugin to manage the authentication. Despite that symfony allways save the authentication info in a cookie. Is there anyway i can disable cookies and store the authentication info in the database or in memory? I might need in the future, to have a kind of single sign on feature, where the authentication state will persist between multiple applications, in different domains. Thats why I mostly want to eliminate the need to use cookies.
Thank you for your help.
Solution
You do not seem to understand how sessions work.
That cookie that gets sent to the cient is called the session id, and it's unique to the visitor. When he reqests a page from the server that cookie identifies the row in your session table where his data are - no data besides the ID is ever sent to the client.
Without that ID there's no way to pair a request to session data, that's why you could not log in anymore after disabling the cookies. The alternative to the cookie is to pass the session id some other way, like in the url - php can do that automatically, you just need to enable use_trans_sid in the php.ini.
OTHER TIPS
Yes, you can store the authentication info in the database : See here how.
