For example :
Now you have a main domain "mydomain.com" and there are some subdomains such as : id.mydomain.com , news.mydomain.com, blog.mydomain.com ...v.v. So how to with just one log in on "id.mydomain.com" a member can be logged in to the whole system.
It called "Single Sign-on". And we have some way to do it. This document will give you a basic solution with Yii framework.
The requirement:
+ All subdomain running on same server and can be share session.
+ Using same yii session class : CHttpSession or CDbHttpSession
The solution:
We have to configure these website using a same session and a same cookie.
Step 1 : open all main config file which you want to impact.
set a same id for them
array(
'id' => 'siteID', // change it to same on all subdomain
'name' => 'site name',
'defaultController' => 'homepage',
'theme' => 'web',
......
);
Step 2 : Continue looking on main config files to session array.
* CHttpSession:
if you are using CHttpSession set Cookies params and savePath like this :
'session' => array(
'class'=>'CHttpSession',
// 'savePath' => dirname(__FILE__).'/../../session', /*change session path to same folder if not using php default session*/
'cookieMode' => 'allow',
'cookieParams' => array(
'domain' => '.mydomain.com',
),
),
CHttpSession save session in file so we just only need to config for all subdomain save session in a same folder. Session folder can be put anywhere but make sure that it is exists and can be access (chmod777).
* CDbHttpSession:
CDbHttpSession is not using savePath param so session array will like that :
'session' => array(
'class'=>'CDbHttpSession',
'cookieMode' => 'allow',
'cookieParams' => array(
'domain' => '.mydomain.com',
),
),
Session is saved by CDbHttpSession in runtime fordel. we have to config to all application to a same runtime folder. Do it in main config array.
array(
'id' => 'siteID', // change it to same on all subdomain
'name' => 'site name',
'defaultController' => 'homepage',
'theme' => 'web',
'runtimePath'=>dirname(__FILE__).'/../../runtime', // change runtime path
......
);
Note : make sure savePath and runtimePath is exists and chmod 777
Step 3 : Ok, now check your websites.
This is only a basic solution. With a bigger system we have to use more complex technologies such as OAuth 2.0