I've setup two sites with the single signon addon for the account sync module and added a link on one site to the other prefixed with "sso/goto/". This link is visible by all users (anonymous and authenticated users).
In order to let everyone be able to follow the link, I had given all roles the permission "sync account", including the role "anonymous user".

When an anonymous user follows the link, there will be an error because the anonymous user does not have an username. I've created a patch that allows anonymous users to follow links prefixed with "sso/goto/" without errors.

Patch will follow.

CommentFileSizeAuthor
#1 sso-anonymous-1345962-1.patch1.17 KBmegachriz

Comments

megachriz’s picture

Assigned: megachriz » Unassigned
Status: Active » Needs review
StatusFileSize
new1.17 KB

Here's the patch. The patch changes the following:
- When the user is anonymous, the function account_sync_sso_login_generate_url() will use '0' as the username.
- The function account_sync_sso_login() will check if the given username is empty. If so, it will ignore the login attempt and go to the target url.