I'm trying to share sessions between two cakephp apps that are on different subdomains. One is cakephp 2 and other is cakephp 3.
What i have so far:
The two apps are reading sessions from the same database table.
The two apps are writing session cookie "CAKEPHP" to the root domain. i have a
on top of core.php and app.php respectively 3. both apps have the same Security.salt value
What is the problem? When i open the cakephp 2 on one tab, it generates a session cookie with one value. But when i open cakephp 3 on another tab, it generate another value for session cookie. So, when i login on cake2 and then refresh cake 3 on another tab, the session on cake2 get lost.
When researching, i saw that cakephp 3 encrypts the session cookie and cake2 not... But i'm not able to see where can i make cake2 use the same encryption as cake3. Or disable encryption on both, if it will not cause security issues.
Can you help me on this?