I have recently spent a few weeks working on an exiting Drupal 6 project that required better user profile synchronization and single-sign on than the standard Drupal multisite functionality available through the settings.php files and multisite module. The site was already using that design. I undertook an evaluation of the existing options such as LDAP, OpenID, Shibboleth, and direct database syncing. I found Bakery and realized it was the best architecture. To give you some idea of my background, I am a university professor and researcher of collaboration architecture. I have spent some time studying identity management designs. And, Bakery is a decent option.
SO, here is how I converted the site to Bakery.
I know this transition plan is rough. Please know that I intend for it to be updated and welcome feedback. Customize it to your setting as necessary.
Following an analysis of potential Single-Sign On technologies for the TEPHINET site going forward and in light of the expanding needs of the site, this project has been executed to test how to transition from the current multisite technique to the Bakery technique with the understanding that the Bakery technique will provide support for profile sharing, database backup using the Backup and Migrate module, and user management bulk operations, that were lacking in the multisite technique. Go ahead and backup the whole site right now. Next, setup a test environment if you do not have one. This transition should ideally be executed on a staging server with subversion and NOT on a production server. In my case, I started with setting up a completely independent identical copy of the whole site on a development server to test the concepts first. What you see here is the result of many tests. I have deleted the failed directions from this plan.
2. Patch / Updates
Some of the updates to the core code within the Drupal ^ installation improve variable handling and security. Thus, before attempting to add any new modules like Bakery. Go ahead and update the core code base, starting with the main Drupal core. I updated to 6.19 from 6.15. I then updated and tested all modules to ensure no PHP 5.3 variable handling problems or other code conflicts emerged.
Next, I exported the SQL insert code for the key user tables that had been setup as an independent Users table that the three sites all shared. The key tables were:
Finally, I updated the modules. To give you an idea of the modules being used on the site. Here are the ones I updated. I also tracked the database changes to make sure no User or Profile table info was being inserted.
- Admin 6.x-2.0 [2 Queries]
- Admin role 6.x-1.3 [no Queries]
- Backup and Migrate 6.x-2.2 [4 Queries]
- Better Formats 6.x-1.2 [no queries]
- Captcha 6.x-2.3-rc2 [1 Query]
- Chaos Tools Suite 6.x-1.7 no queries]
- CKEditor 6.x-1.1 (be sure to save CKEditor folder) [no queries]
- CCK 6.x-2.8 [no queries]
- Date 6.x-2.4 [1 Query]
- Email Registration 6.x-1.3 [no queries]
- Features 6.x-1.0rc3 [no queries]
- Flag 6.x-1.3 [no queries]
- IMCE 6.x-2.0-rc1 [no queries]
- Invite 6.x-2.0-beta2 [1 query]
- Pathauto 6.x-1.4 [no queries]
- Schema 6.x-1.7 [no queries]
- SMTP Auth 6.x-1.0-beta5 [no queries]
- String Overrides 6.x-1.8 [no queries]
- Team Notifications 6.x-2.1-beta8 [no queries]
- Token 6.x-1.14 [no queries]
- Vertical Tabs 6.x-1.0-rc1[no queries]
- Views 6.x-2.11 [2 Queries]
- Views Bonus Pack 6.x-1.1 [no queries]
- XML Sitemap 6.x-1.2 [no queries]
- Tao 6.x-2.3 [no queries]
- Tao 6.x-3.1 [no queries]
- Rubik Theme for Admin in Admin 2.x version
- → Rubik Theme 6.x-3.0-beta1 [no queries]
- JQueryUI -> now required by Date UI → used JQueryUI 1.6
- After everything is installed and updated, delete any unused modules.
- Finally, go to each sub-site and run update.php
3. Install Bakery SSO
- To begin, the modules enabled on each sub-server should be matched. This means check the list of enabled modules on all three sites and make sure every module enabled on any server are enabled on all servers. This will make the database schema on each sub-site identical even though the data are different. This is a precaution in case there are specific database implications in the upgrade. This is also the reason I tracked all database queries in the updates of the code in step 2.
- Download the four databases (as a backup). At this point, the users database tables will need to be added to each of the three other databases, since they were setup with an independent users database shared by the three sites in the multisite architecture. One way to do this would be to export the users data table SQL schema and code and create an INSERT statement to run on each of the other three. BE SURE To remove all references to table prefixes from the SQL statement. (NONE were found in the test. Or, make sure they are correct if you want to keep the table prefixes.)
- Next, after running the SQL statements, you must update the settings.php, all.application.settings.php, all.settings.php, and application.settings.php files. Remove the database prefix statements (just comment them out). Keep the database strings. Make sure all cookie domains are properly set. Be sure to do this prior to any activity on the site. The site should have identical caches and sessions tables when Bakery is installed. Specific thing to do (in all.application.settings.php):
//no longer used once the Bakery SSO is enabled.
* $db_prefix = array(
* 'default' => '',
* 'authmap' => 'users.',
* 'profile_fields' => 'users.',
* 'profile_values' => 'users.',
* 'sessions' => 'users.',
* 'users' => 'users.',
- Upload the Bakery module. [6.x-1.x-alpha2] You should be able to login to each sub-site at this point. Enable it in each. Set the key and master. Enable all profile fields to export. Make a long key.
- Login to the sub-sites and run update.php.
- Then enable the Rubik theme and set it as the Administrative Theme.
- Then enable the JQueryUI module.
- Next, update slave site modules that were not enabled on the main site, specifically:
- FCKEditor 6.x-2.1 [no queries]
- Mailhandler 6.x-1.11 [no queries]
- Organic Groups 6.x-2.1 [no queries]
- Semantic Views 6.x-1.1 [no queries]
- Views Datasource 6.x-1.0-beta2 [no queries]
- Then, enable the Bakery module and setup the two slaves using the key listed above or whichever key you were using. If you are using Organic Groups, be sure to set the module weight of Bakery below OG. You can do this by installing the Utility module with Module Weights. This allows you to set the weights in the admin modules list.
Your site should now be working on Bakery SSO.