Active
Project:
Single Sign-On (aka SSO or Single Sign On)
Version:
6.x-1.0-rc1
Component:
Code
Priority:
Normal
Category:
Feature request
Assigned:
Unassigned
Reporter:
Created:
3 Jun 2010 at 15:27 UTC
Updated:
10 Sep 2010 at 13:39 UTC
Enabling this on the client site redirects it back to controller site. This means anyone who tries to access the client site gets redirected. This doesn't make any sense, is this by design ? Anyway to stop that from happening ? I only want the users from the controller site to be logged in to the client site and visitors on the client site to stay on that site.
Comments
Comment #1
Albrecht Marignoni commentedI had the same problem during my first installation.
After my secounf installation SSO said that I can not install two controler.
I don´t know what is going around there.
Comment #2
Isostar commentedI had the same problem. After trying all kind of tricks it was suddenly solved. I think it was caused by an extra 'space' at the end of the private key string
Comment #3
drup_lr commentedHi ,
we have a controller site(https://controllersite) and client sites(http://clientsites) ,
when ever i try to visit client site http://clientsites i am redirected to controller site https://controllersite and have to accept the ssl certificate and then redirects me to http://clientsites but i don't want this behaviour .
please help me to solve this
Thanks
Comment #4
damienmckennaAm experiencing this myself.
Comment #5
damienmckennaThis seems to be controlled in signlesignon_client.module, see singlesignon_client_boot() line 61:
The way Drupal works is that every page request has a session tied to it, even anonymous users. This SSO module makes all sessions be kicked through the SSO controller, meaning that all visitors will first go through the controller before they can see the client site. So, in effect with Drupal 6 this is going to happen.
There is a chance of being able to avoid the need for the first session check by using Pressflow, which allows for session-free anonymous users, but I will have to investigate it.
Comment #6
damienmckennaAs a way of giving some direction to this discussion, I think the SSO module should be changed to ignore anonymous users, to handle them differently, and only go through the SSO process when the user tries to login properly.
Comment #7
damienmckenna