我想在共享同一会话的不同服务器上安装一些Rails应用程序.我可以在同一台服务器上进行操作,但不知道是否可以在不同服务器上共享.任何人已经做过或知道如何做?
I'd like to have some rails apps over different servers sharing the same session. I can do it within the same server but don't know if it is possible to share over different servers. Anyone already did or knows how to do it?
谢谢
推荐答案根据您的应用设置方式,您可以轻松共享来自同一域(foo.domain,bar (.domain,domain)),方法是将您的应用设置为使用相同的机密: www.russellquinn/2008/01/30/multiple-rails-applications/
Depending on how your app is set up, you can easily share cookies from sites in the same domain (foo.domain, bar.domain, domain) by setting your apps up to use the same secret: www.russellquinn/2008/01/30/multiple-rails-applications/
现在,如果您拥有不同的网站,例如sdfsf,dsfsadfsdafdsaf等,则您将不得不做更多的技巧,因为cookie的本质将它们限制在特定的域中.本质上,您想做的是使用跨站点脚本来替代会话,而不是劫持会话.
Now, if you have disparate sites, such as sdfsf, dsfsadfsdafdsaf, etc. you'll have to do a lot more tricks because the very nature of cookies restricts them to the specific domain. Essentially what you're trying to do is use cross-site scripting to, instead of hijack your session, read it from the other ones.
在这种情况下,可以结合使用相同的Cookie秘密等内容,然后再使用一些跨站点脚本,您可以手动提取会话信息并在每个站点上重新创建它(或者,如果您使用ActiveRecord会话{或NFS会话目录},将其与现有的链接起来).这并不容易,但是可以做到.
In that case, a combination of using the same cookie secret etc and then some cross-site scripting you can manually extract the session info and re-create it on each site (or if you use ActiveRecord session {or NFS session dir}, link up with the existing one). It's not easy, but it can be done.
或者,低技术含量的方法(我之前已经做过)只是让登录页面访问每个站点上特制的登录页面,从而在其上设置应用程序cookie并跳至下一个.不好看.
Or, the low-tech way (which I've done before) is simply have the login page visit a specially crafted login page on each site that sets an app cookie on it and bounces you to the next one. It isn't pretty.
更多推荐
服务器上的Rails会话
发布评论