Jump to content

Need help to receive Cross-Domain Sessions/Cookies using jQuery ajax


Recommended Posts

I've two domains, for example, accounts.com & domain2.com.

I've set some sessions in domain2.com. And I need to remove those sessions from accounts.com using ajax. How can I achieve this?

 

 

THE PROBLEM:

<?php
session_start();
require_once dirname(dirname(__FILE__))."/config/config.php";
header("Access-Control-Allow-Origin: accounts.com");
header("Access-Control-Allow-Credentials: true");
header("Access-Control-Allow-Methods: POST");
header("Access-Control-Allow-Headers: Content-Type, *");
if(!empty($_POST['sgnsid'])){
	/* print_r($_COOKIE);
	print_r($_SESSION); */
	session_unset($_SESSION['sgn-login_sessid']);
	session_unset($_SESSION['sgn-login_uid']);
	session_unset($_SESSION['sgn-login_uid_md5']);
	session_unset($_SESSION['sgn-login_expires']);
	session_unset();
	session_destroy();
	session_write_close();
	echo "done";
} else {
	echo "Empty SGNSID";
}
?>
Now, when a user clicks on the "Logout" button, an ajax call is made to the "signoff.php" on "domain2.com":

$.ajax({
	url: "https://domain2.com/signoff.php",
	type: "POST",
	crossDomain:true,
	xhrFields: {
		withCredentials: true
	},
	success: function(d){
		console.log(post);
		if(post=="done")
			done=true;
	}
});
But when I look into the Console the script is returning (if the print_r($_SESSION) & print_r($_COOKIE) ar not commented):

Array

(

)

Array

(

)

done

Otherwise:

done

 

And also the session variables were not removed.

 

And what I'm building is a SingleSignOn system.

And what I'm trying to do is, when a user logs in in accounts.com, some cookies & sessions are set two all the domains. Same way, when a user clicks on "Logout" button all the cookies & sessions must be removed from all the domains using ajax.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...