SSO doesn't work when accessing wp-admin on subsite prior to the front-end

Question

SSO doesn't work when accessing wp-admin on subsite prior to the front-end

jjeaton opened this issue 8 years ago · comments

Josh Eaton commented 8 years ago

Steps to reproduce:

Create a network with 2 subsites and (subsite1.example.dev and subsite2.example.dev) and map domain aliases (subsite1.dev and subsite2.dev).
Login to the first subsite (subsite1.dev).
Navigate to subsite2.dev/wp-admin/
Get redirected back to (subsite1.dev) without getting logged into subsite2.dev.

If you hit (subsite2.dev) prior to trying to access wp-admin, you are then logged in.

Is this intended behavior? Shouldn't hitting wp-admin also trigger the SSO flow to get you logged into the second site?

Site admins are irritated that whenever they use the "My Sites" menu to try to go to a different site's dashboard, they are redirected, until they hit Visit Site first.

robrecord · Answer 1 · Thu Sep 08 2016 15:47:40 GMT+0800 (China Standard Time)

I resolved this by uninstalling Mercator, updating all references to the site URL in the database, and relying on WordPress' built-in domain redirection.

Rob Record
Web Designer/Developer
07535 271502 (tel:07535%20271502) | robrecord.com (http://robrecord.com)

On 6 Sep 2016, 18:40 +0100, Josh Eaton notifications@github.com, wrote:

Steps to reproduce:

Create a network with 2 subsites and (subsite1.example.dev and subsite2.example.dev) and map domain aliases (subsite1.dev and subsite2.dev).
Login to the first subsite (subsite1.dev).
Navigate to subsite2.dev/wp-admin/
Get redirected back to (subsite1.dev) without getting logged into subsite2.dev.

If you hit (subsite2.dev) prior to trying to access wp-admin, you are then logged in.

Is this intended behavior? Shouldn't hitting wp-admin also trigger the SSO flow to get you logged into the second site?

Site admins are irritated that whenever they use the "My Sites" menu to try to go to a different site's dashboard, they are redirected, until they hit Visit Site first.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub (#73), or mute the thread (https://github.com/notifications/unsubscribe-auth/AACYBBnXQt-1W8k2wpQZfdMBkVeaJiXNks5qnaJRgaJpZM4J2FSX).

Robert O'Rourke · Answer 2 · Thu Nov 24 2016 04:42:47 GMT+0800 (China Standard Time)

@jjeaton I'm just about to get to SSO as part of an overhaul of the Mercator ecosystem. Working out the best way to create tests for it. I was able to reproduce your problem and you're right it shouldn't behave in that way as it doesn't really make sense from a user perspective.

Robert O'Rourke · Answer 3 · Fri Jan 13 2017 18:58:50 GMT+0800 (China Standard Time)

@jjeaton so I'm clear are you using multinetwork too or just standard multisite?

Josh Eaton · Answer 4 · Fri Jan 13 2017 19:33:17 GMT+0800 (China Standard Time)

@roborourke standard multisite

Josh Eaton · Answer 5 · Fri Jun 02 2017 00:37:11 GMT+0800 (China Standard Time)

@roborourke any progress here? Will this issue get moved to the SSO repo when they split?

Robert O'Rourke · Answer 6 · Fri Jun 02 2017 17:25:41 GMT+0800 (China Standard Time)

Yeah all updates here will be ported. I'm going to fix #68 first then come back to this one so no progress yet beyond replicating the issue I'm afraid.