How to authenticate users across two Yii applications on the same server?

2023-09-02 01:06:31 Author: 撕碎的回忆

I've asked a similar question about this in the past concerning Single Sign On (SSO) but I realized that that only works for subdomains but in my case, I'm not using subdomains but just different Yii applications on the same server under one domain.

I have www.mydomain.com/app1 and www.mydomain.com/app2

Both applications use the same database and use the same tables for logging in.

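What I want to happen

Accounts are the same for both applications.

1. User logs in to app2 (or app1, it doesn't matter).
2. User is signed in and directed to the home page.
3. User clicks a link from the menu that redirects them to app2 (or app1 if they came from app2).
4. User is redirected to app2 and skips the login because they are signed in and have been redirected to the account home page.
5. User clicks the logout link from the menu.
6. User is logged out of both applications.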

What is not happening

(4). User is redirected to the app1 but is still prompted to sign in.

I then checked to see the cookies and session in app1 & app2 and I did the following for both main.php in the config folder:

// application components
'components'=>array(
    'user'=>array(
        // enable cookie-based authentication
        'allowAutoLogin'=>true,
        'class'=>'WebUser',
    ),
    'session'=> array(
        // session lifetime in seconds
        'timeout'=> 1440
    ),
    'partyroles'=>array(
        // second component backed by the same WebUser class
        'class'=>'WebUser',
    ),
    // URLs in path-format
    'urlManager'=>array(
        'urlFormat'=>'path',
        'rules'=>array(
            '<controller:\w+>/<id:\d+>'=>'<controller>/view',
            '<controller:\w+>/<action:\w+>/<id:\d+>'=>'<controller>/<action>',
            '<controller:\w+>/<action:\w+>'=>'<controller>/<action>',
        ),
    ),
),

I've been stuck on this for the whole week and since the deadline is approaching soon, I think it's about time to get some needed help!

EDIT This is my configuration file main.php initiating sessions using CDbHttpSession. I'm now storing sessions into the database table called YiiSession:

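    'session'=>array(
        'sessionName'=>'app',
        // store sessions in the database instead of PHP's default files
        'class'=>'CDbHttpSession',
        'autoCreateSessionTable'=> false,
        'connectionID'=>'db',
        'sessionTableName'=>'YiiSession',
        // !empty() avoids an undefined-index notice when the field is absent
        'useTransparentSessionID' => !empty($_POST['PHPSESSID']),
        // boolean false; the string 'false' would evaluate as true
        'autoStart' => false,
        'cookieMode' => 'only',
        'timeout'=> 300
    ),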

Logging in works now and sessions are being stored into the database but it's still not logging into both applications. Both applications have this identical configuration.

Recommended answer

My first remark would be to check that the cookies had the good domain and thus that both apps received them and use the same session. It appears you already checked that and that that is okay.

Now, to determine which user is currently logged in, CWebUser looks for a [some prefix]__id variable in the session. That prefix can either be the CWebUser->stateKeyPrefix or, if empty, an MD5 based on the class name and the Yii application ID.

The Yii application ID in its turn is either specified by the CApplication->id property, or generated based on the base path of the application.

So the simplest way would be to add the same application ID to both your apps. It should then be able to use the same cookie for both applications and will "detect the logged in user".

Just edit your configuration and add an "id" at the highest level for both your applications:

return array
(
    'id' => 'sharedApplicationId',

    'components' => array( ... ), 
);

This will result in Yii::app()->id returning the same ID, which will make CWebUser::getStateKeyPrefix() generate the same prefix and presto, both applications will find the __id variable in the session.

Alternatively, you can just configure the state key prefix for CWebUser via the configuration:

return array
(
    ...
    'components' => array
    (
       'user' => array
       (
          'stateKeyPrefix' => 'some_shared_prefix',
          ...
       ),
    ),
 );

This will only affect the CWebUser class then. It will then look for session variables like "some_shared_prefix__id" to determine the logged in user instead and not use the application ID. Either way should work.

So basically, even though you are sharing the database (and the sessions), if the prefix CWebUser ends up using differs because of a "bad" configuration, you'll just have application1StateKeyPrefix__id and application2StateKeyPrefix__id in the session and they won't see each other's logged in user.
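
The key derivation the answer describes, modelled as a stand-alone script; this is an added example, not code from the original answer or from Yii itself. It does not load the framework: the exact string layout ('Yii.' + class + '.' + app ID, and a CRC32 of base path plus application name for the default ID) is an assumption based on Yii 1.1, and the paths, application name and user ID are constructed.

```php
<?php
// Default application ID when no 'id' is configured: derived from base path
// and application name (assumed formula, see lead-in).
function defaultAppId(string $basePath, string $appName): string
{
    return sprintf('%x', crc32($basePath . $appName));
}

// Session key under which the user component stores the logged-in user's ID.
// An explicit stateKeyPrefix wins; otherwise the prefix is an MD5 of class and app ID.
function loginSessionKey(string $userClass, string $appId, ?string $stateKeyPrefix = null): string
{
    $prefix = $stateKeyPrefix ?? md5('Yii.' . $userClass . '.' . $appId);
    return $prefix . '__id';
}

// List every "<prefix>__id" entry in a session array so a prefix mismatch is visible.
function findLoginKeys(array $session): array
{
    return array_values(array_filter(array_keys($session), function ($key) {
        return substr((string) $key, -4) === '__id';
    }));
}

// Case 1: no 'id' configured, two different base paths (constructed values).
$id1 = defaultAppId('/var/www/app1/protected', 'My Web Application');
$id2 = defaultAppId('/var/www/app2/protected', 'My Web Application');
$key1 = loginSessionKey('WebUser', $id1);
$key2 = loginSessionKey('WebUser', $id2);
echo "default IDs:  app1=$key1\n              app2=$key2\n";

// Case 2: both configs set 'id' => 'sharedApplicationId'.
$shared = loginSessionKey('WebUser', 'sharedApplicationId');
echo "shared id:    both=$shared\n";

// Case 3: both configs set 'stateKeyPrefix' => 'some_shared_prefix'.
echo "shared prefix: ", loginSessionKey('WebUser', $id1, 'some_shared_prefix'), "\n";

// Constructed shared session after logging in to each app separately in case 1:
// two distinct login keys exist, and each app reads only its own.
$session = array($key1 => 42, $key2 => 42);
echo "login keys in session: ", count(findLoginKeys($session)), "\n";
print_r(findLoginKeys($session));
```

To run the same check against the real applications, dump `array_keys($_SESSION)` in each app after login and compare the entries ending in `__id`.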
