powerhouse has asked for the wisdom of the Perl Monks concerning the following question:

In Perl, when I set a cookie, is there a way to set it so that all my different sites will use that same cookie?

I am re-building our network to use the same USER database, so that it's kind of like a "passport" like what Microsoft has, where they login one time, and they are recognized on all of our sites.

I would really appreciate any tips on how to get Perl to do that.

thx,
Richard

Replies are listed 'Best First'.
Re: Perl and cookies...
by edan (Curate) on Feb 24, 2003 at 08:12 UTC

    Assuming you're using the CGI module (and you are, aren't you?), you want to look at the '-domain' flag for the cookie() method, which allows you to specify the partial domain for which the cookie is valid.

    For instance, if you want the cookie to be valid for all your sites *.yourdomain.com, you'll want to use something like this untested code:

    use strict;
use CGI qw/cookie/;
my $c = cookie(-name    =>  'foo',
                             -value   =>  'bar',
                             -expires =>  '+3M',
                             -domain  =>  '.yourdomain.com',
                             -path    =>  '/cgi-bin/database',
                             -secure  =>  1
                        );

    [download]

    Note the need to use '.yourdomain.com' rather than just 'yourdomain.com'.

[reply]
[d/l]
[select]
Re: Perl and cookies...
by steves (Curate) on Feb 24, 2003 at 08:20 UTC

    The cookie specification only allows cookies to be shared across sites if those sites are in the same subdomain. So, for example, you can't have the www.foo.com server set a cookie and have the www.bar.com server see it. You could have the store.foo.com server see a cookie set by www.foo.com -- they're in the same domain.

    So question number one is whether these sites are all in one domain.

[reply]
      Ok, No, they are all different domains.

      So I guess I'm SOL :o{

      I wonder how Microsoft Passport does it...

      Oh well, that's another topic ;o}

      thx,
      Richard
[reply]
        MS passport loads an image from passport.msn.com and then they just put that image on every page that there is a passport login. So you could do it that way: something like:
        <img src="http://yourdomain.com/setcookie.cgi" alt="" /> you just need to make your 'setcookie.cgi' header send the cookie you want to set and then tell it to print the location of an image. Something like this: (untested) 
        #!/usr/bin/perl -T
use strict;
use warnings;
use CGI;
my $cgi = new CGI;
my $cookie = $cgi->cookie(-name   =>'somename',
                          -value  =>'somevalue',
                          -path   =>'/',
                          -expires=>'+10y', #long cookie
                          -domain =>'yourdomain.com',
                          );
print $cgi->redirect( -cookie=>$cookie,
                      -uri   =>'http://yourdomain.com/someimage.png');

        [download]

        The only caveat is that some ad-blocking software blocks this as it is normally used to track people. This is especially true if you make the image a 1x1 transparent GIF. But if you aren't worried about that this should be the solution you are looking for.

        Hope that helps
        Chris

        Lobster Aliens Are attacking the world!
[reply]
[d/l]
[select]
Re: Perl and cookies...
by steves (Curate) on Feb 24, 2003 at 09:37 UTC

    There are ways. One of the tricks is to have a 1 pixel image on your pages, served by one domain. It's not seen but the act of going to that server for the image allows that domain to act as a kind of "cookie master" and get and set cookies. If all of your domains share a database, then you might be able to do something with that sort of model. You may also be able to do something with redirects.

[reply]
      Hmm, I did not think of that! GREAT idea!

      Thank you!

      Richard
[reply]

Back to Seekers of Perl Wisdom