Magento session lost when switching to https from http

danchet picture danchet · Oct 19, 2011 · Viewed 12.4k times · Source

I've searched high and low for a solution to this, with no luck. My host told me they are too busy to help.

Magento 1.4.2 // SSL cert

1- When I add an item to cart, the page reloads and my item is added to cart. [good]

2- Next, I click home, and my items are no longer visible in cart sidebar. [bad]

3- Next, I click "Tops", and my items are still not visible in cart sidebar. [bad]

enter image description here

4- Next , I click "Bottoms" and the items show just fine.

enter image description here

In all cases where the cart isn't visible, I can add https to the URL and the cart loads up just fine. Can anyone help me figure out why my session is being lost between http and https?

I have all my backend web cookie settings set to "no" except for sID.

Also- When a user is logged in, the cart items ALWAYS show on the right. It's only screwy if they're a guest.

Thanks guys, if you need me to post any code let me know.

wwwdotlylifdotcom

EDIT: Here is a screenshot of my cookies session in firebug (not exactly sure what I am looking at). Hope this helps. enter image description here

And here is my Session settings in magento: I have tried just about every variation of turning these on and off.

enter image description here

EDIT!

This issue has actually been narrowed down to a cache issue. We found out that when the cache is dumped/deleted, the website works properly. But after a few minutes of surfing the problem happens again. Does anyone have any idea? (And should i change the question title?)

I'm using a module called Lightspeed from TinyBrick, and it seems the new cache options are messing with our site. =( I'm contacting them shortly.

**EDIT Tinybricks excellent support helped us out. Thanks for all of your suggestions.

Answer

Marc B picture Marc B · Oct 19, 2011

Is the session cookie being set to be HTTPS-only? That'll prevent it from being carried over to regular HTTP requests, effectively giving the user two different sessions.