Multi-instance sessions?

Just one MariaDB instance with 3 different databases

papermoon thats really useful info, nice one. For SQL do you have separate SQL instances on the host for each Espo instance, or just different named databases within the same SQL instance?

Cookies in Espo are HostOnly cookies, means a cookie can be read by the exact same domain. In my case I run 3 different Espo instances on the same server, all in different sub domains (espo1.example.com, espo2.example.com) on Nginx and this works without any issue. Also because the sub domains are different domains, the automatic logout as mentioned above doesn't happen.

diyoyo I'm interested in doing this to create a multi tenant setup without having to provision individual machines, how did you achieve it and did you have any other issues?

You would have to look into cookies to see that, I know with some forum it possible to be cookie-less because it use a "sid" code in your URL. Then you have the giant tracking monster such as 'Gogle' and 'Amozon' where despite blocking it in anyway you will have a cookies or some other form.

Not sure if it a design flaw or intended security design of EspoCRM but that just the way it is, another reason might be 'simply don't have manpower or time'.
Of course there is nothing to stop you from doing a Pull Request and it might get added to the code.

I would say if it on a different domain then it would just be how it is designed. For example some website have a "Forum" section in a subdomain and a "Website" in their main domain, perhaps even a fourth one as "Portal" in another subdomain. All of these can have separate cookies (most of the time that is the case) or share same cookies so you can log in one log in all.

You could use a cookies monitor (I know Firefox addon have one) and see how cookies is being behave and see how it work with, then compare it to your favorite website and EspoCRM server you have.


But this is a topic that probably out of this thread...

Thanks for the workaround. But I still don't understand why these cookies are shared between two websites that are completely different. Shouldn't the cookies have some kind of label to identify from which website it originates? even if the two espocrm are hosted in the same server, just in a different folder ?

Use your internet browser to isolate cookies (which is what determine whether you are logged in or logged out).

For Firefox use extension "Container"
For Chrome use "User Profile"
Any anything else, good luck. I don't know

Alternative you can have 2 by using Den method, one in normal browsing and another in Private/Incognito window.

Hello,

I think this is possible, just use the "New incognito window".