From user-return-19751-apmail-couchdb-user-archive=couchdb.apache.org@couchdb.apache.org Sat Feb 4 22:27:22 2012 Return-Path: X-Original-To: apmail-couchdb-user-archive@www.apache.org Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7DBA191CB for ; Sat, 4 Feb 2012 22:27:22 +0000 (UTC) Received: (qmail 33073 invoked by uid 500); 4 Feb 2012 22:27:20 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 33000 invoked by uid 500); 4 Feb 2012 22:27:19 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 32992 invoked by uid 99); 4 Feb 2012 22:27:19 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 04 Feb 2012 22:27:19 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of actionowl@gmail.com designates 209.85.212.180 as permitted sender) Received: from [209.85.212.180] (HELO mail-wi0-f180.google.com) (209.85.212.180) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 04 Feb 2012 22:27:12 +0000 Received: by wibhm6 with SMTP id hm6so4574703wib.11 for ; Sat, 04 Feb 2012 14:26:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:from:date:x-google-sender-auth:message-id :subject:to:content-type; bh=Zpik4/wB1Y2uvofu86iXRfYl2q/dX2LpmecbWWH67CA=; b=WjGCmwgKTYmwQd7YKGBzXm0/bgDZ696/ZRyBuQmK6809CvA+c6OvQ7ju+2nFX1wVXE S+nAixEGMh8fkIW5UL+vvLyOwbcBjX9pqBNWbSjWp4+vxco2r6/IGJG6AjTV6rqcscix VZst6PTVABdyH7Qs3iWm4d4sZnWrXIR90xRZ4= Received: by 10.180.24.202 with SMTP id w10mr19133692wif.9.1328394411232; Sat, 04 Feb 2012 14:26:51 -0800 (PST) MIME-Version: 1.0 Sender: actionowl@gmail.com Received: by 10.180.106.164 with HTTP; Sat, 4 Feb 2012 14:26:31 -0800 (PST) From: Travis Paul Date: Sat, 4 Feb 2012 17:26:31 -0500 X-Google-Sender-Auth: HslE_8xF55y0DYEqW9TMgeQqBOg Message-ID: Subject: How can I allow a session to be valid for all subdomains? To: user@couchdb.apache.org Content-Type: multipart/alternative; boundary=f46d0418259800cca704b82aedfc --f46d0418259800cca704b82aedfc Content-Type: text/plain; charset=ISO-8859-1 How can I allow a session to be valid for all subdomains? I have couchdb running on port 80 and I have some vhosts setup with separate couchapps: app1.domain.com = /app1/_design/app1/_rewrite app2.domain.com = /app2/_design/app2/_rewrite and my rewrite.json for each app looks like: [{ "from": "", "to": "login.html" }] If I require that a user needs to login to use an app by setting database readers, then they need to post their user/pass to app.domain.com/_sessionbut they can't access the rewrite and they can't login from another subdomain because their session won't be valid. If I could make sessions valid across all subdomains of domain.com I could do something like: app1.domain.com = /app1/_design/app1/_rewrite app2.domain.com = /app2/_design/app2/_rewrite www.domain.com = /login/_design/login/login.html <-- handles login and redirection to the correct app based on user roles or some other mapping Maybe I am going about this the wrong way but I really do not want to use a reverse proxy or another webserver or application layer for my couchapps. --f46d0418259800cca704b82aedfc--