User sees Master domain on invalid login

Unfortunately, it's normal. It's not easy to fix it. I was working on that lately but didn't succeed yet. What we usually do is to put the login forms in a modal popup, therefore the user won't notice he is on master (in the popup)

Hey Meba, Any tips on how to achieve a modal popup login?

Subscribe (she says optimistically).

Also optimistically subscribing

subscribe

subscribe

I have an (ugly) solution using the rules module. I've installed the rules module and 'path rules'. On the controller site I created an action using the condition Check Path with url:
user/login?origin=http%3A%2F%2Fsitename.com%3F&auth=authentication_key (the url from a wrong login). Then I created a custom php action doing a drupal_goto('http://sitename.com/user/login','error=1'); Note that I add "error=1" so I can use that on the client side for a Rule there.

So on the client side I also created a Rule for "check path"="http://sitename.com/user/login?error=1" and the action there is to display an error message.

It's not the best solution I guess, and you'd have to set it up for every client site, but for me it works. Hope it helps anyone, if I need to be more specific, just pm me.

subscribe

Here is a patch. The login form gets a validate callback AFTER all other validate functions. If any errors are set they will be converted to a query string. The user is redirected to the origin site with the errors encoded in the query string. The client module sets the errors on the form after running an xss filter on the get variables.

Seems to work ok but could probably use some improvement.

This is a reroll of #9 which fixes some logic issues, allows for messages and warnings rather than just errors and most importantly handles the automatic password reset links.

EDIT - actually this isn't a reroll, this is an additional patch on top of the previous one.

Fabulous Michael, thank you for your patch! It seems to have no problems so far, although have not been able to patch singlesignon.inc

Would you perhaps consider attaching the whole updated module to the thread?

Most appreciated :)

Im not able to apply patch sso-611580-errors_on_client_domain_2.patch
Please let me know if anything thing wrong in procedure.
1. download sso-611580-errors_on_client_domain_2.patch to sso directory
2. use command patch -p1 < sso-611580-errors_on_client_domain_2.patch

Then getting

File to patch: client/singlesignon_client.module
patching file client/singlesignon_client.module
Hunk #1 succeeded at 163 (offset 39 lines).
Hunk #2 FAILED at 220.
Hunk #3 FAILED at 244.
Hunk #4 succeeded at 206 with fuzz 2 (offset -23 lines).
2 out of 4 hunks FAILED -- saving rejects to file client/singlesignon_client.module.rej
(Stripping trailing CRs from patch.)
can't find file to patch at input line 87
Perhaps you used the wrong -p or --strip option?

For all files im getting same error.

Thanks in advance

@ravi007: You are probably trying to apply the patch in #10 directly, but it will only work if you have first applied the patch in #9.

I have tried the patches now, and they do fix the problem with being sent to the master site when entering the wrong password. I'm still having problems with the automatic password reset links, however.

First of all, I think this line in the patch is missing a slash after the domain:
drupal_goto($domain . implode('/', $arg), $query);
should be
drupal_goto($domain . '/' . implode('/', $arg), $query);

When I change this, I get reset links on the client site to work if I enter them manually, but this doesn't really help me because the reset links that are emailed to the users still point to the master site. Any tips for how to fix this would be appreciated.

Finally, the status and error messages doesn't always clear when they are supposed to, so sometimes you get an error message on a page where it doesn't belong. For instance, if I have typed the wrong password once, I might get the message about wrong user name or password after I have successfully logged in, which will be very confusing for users.