Is there a way to share a rails session with a .net app if we are under same domain?

Ultimately we want single sign-on for two applications, one is a rails app and one .net.

Is there a way login to a rails application using devise and cookie session store, and have a .net read this cookie to determine what user is logged in? We are open to switching session stores if that would help.

We would like to keep开发者_运维问答 all auth in Rails, but use the cookie session to allow or deny access to .net application.

---

Yes, you definitely can do this.

If the session is stored solely in cookies then all you need to do is parse the cookies like rails does. Take a look at ActionDispatch::Request::Cookies to get a better feel for how rails uses cookies.

If on the other hand you store the session in Memcache, Redis, Mysql (or any other external store) you can get the session id from the cookie then look it up in the external store. This is probably easier and slightly more DRY.

As long as you have access to the session cookies you should be able to mirror the Rails session manipulation code in your .NET application and "share" session. I encourage you to start by reading deeper into how Rails handles session.