Zend Application Redirection Not Working After Migrated on Windows with IIS

Question

My application is developed using Zend 1.11 that was working fine in Linux. As per the requirement, i moved the application to Windows 7 that is having IIS 7, PHP 5.4.39, MSSQL Server 2012.

The issue is that after submitting login credentials, user is not redirected to home page but stays on the same (login) page. After debugging the source code, i came to know that user is authenticated from the database successfully but upon redirecting the user to index controller, user is sent back to login page. No error is being displayed by the application even iis log doesn't show any error.

I thought it might be the issue related to URL Rewriting. Therefore, I got “URL Rewrite” module installed on IIS and imported the .htaccess file to get equivalent URL rewrite rules to be added in web.config file, but it did not work either.

In my application session is being saved into database. I can not change it to be saved on the server(file) as this is an existing application. But session is being written and read into/from database successfully. Only thing I guess the reason that session gets expire on page redirect. But not sure how to fix this.

Any help would be greatly appreciated.

Edit

Cookie is being generated as depicted below

Am i missing in terms of configuration of cookies/session in IIS? What is the ideal configuration for Session and Cookies in php.ini when using IIS web server?

Answer 1

It is the correct behavior to redirect again to the login page when your cookie is not recognized. Most likely there's a problem when issuing the cookie - misconfiguration of the cookie domain/path (do you need to url rewrite from IIS?)

The first step to troubleshoot the root cause is to determine if the login and redirect headers are present and correctly sent all the way to the browser.

You should sniff/capture the http traffic to see the final headers (use the "Live HTTP Headers" extension for chrome/firefox). You may also post here a sample of the request/response headers for the corresponding login action/post method.

The sequence should contain a response header "Set-Cookie: PHPSESSID=.........". Take note of the value of cookie path/domain. As well as a redirect headers like "Location: /redirect/path".

If everything is configured correctly, all subsequent requests should contain the request header "Cookie: PHPSESSID=.....". Otherwise you need to review your IIS configuration (url rewrite/reverse for domain/path to ensure the issued cookie matches future requests).

To configure IIS url rewrite/reverse rules, see http://www.iis.net/learn/extensions/url-rewrite-module/url-rewrite-module-20-configuration-reference#Setting_Response_Headers

Answer 2

After debugging the source and web references, i came to know that the actual issue was that session data was not being deserialized by PHP engine and that's why session was not being constructed properly. Therefore, user was being redirected back to the login page.

So, the actual solution is provided at PHP: Custom Session Handler Unserialize Not Working on Windows