httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <>
Subject Re: Decrypting mod_session-created cookie
Date Mon, 08 Jul 2013 23:35:52 GMT
On 9 Jul 2013, at 00:29, "Mikhail T." <> wrote:

> Thank you, Daniel, for providing a "you don't need to know" answer to a question.
> I do, however, have this need -- in my application the cookie will need to be created
by a server completely different from the one, that will be parsing it.

Like Daniel said, you don't need to know. The cookie can be created on one server and read
from another, it is specifically designed to handle that without an application second guessing.

You can configure the decrypted session to be provided to php either via an environment variable
or a request header, your choice. You can then optionally update the session with a response
header. All encryption is transparent to php.


View raw message