howdy all, I'm the webmaster of http://www.csmapcentral.com and it's related sites (about 6 other sites). I've setup these sites using a modified version of Xoops 2.0.9 beta, and accomplished a multi-site network, with a single installation, and almost all of the database shared between the sites.

what I'm missing is single sign on for the sites, but that's a rare feature to find, so I'm not too concerned about it.

anyways, I'm wondering which (if any) of these features/needs can be satisfied by drupal, without modification or at least with an existing documented mod?

I'm fairly happy with my xoops sites, but there's many little things about xoops that irks me, and I'm looking into drupal, to see if it would make my life simpler.

the main focus of my sites, is to build a community around the forums, support file downloads, and additionally a few article sections for tutorials, FAQ, News, etc etc. my users have grown used to the phpBB forums that we use, so I'm a bit concerned that switching to drupal's built-in forum system might receive a negative response. i am looking for a better download system though (the current system isn't bad, but it could be better), and i need better support for articles, article creation, individual user pages, etc.

can drupal provide any/all of the features that my sites demand? any help you guys can provide would be great :-)

Comments

Prometheus6’s picture

multi-site, single installation, shared db

This isn't a problem. Single signon across domains, I don't know. But you can share the user tables across all your domains via judicious use of table prefixes. That way joining one site makes you a member of all of them.

jasko’s picture

Drupal can do signon through other Drupal sites -

I know, because I log onto Drupal.org with my drop.org signon!

intel352’s picture

Drupal can do signon through other Drupal sites -

I know, because I log onto Drupal.org with my drop.org signon!

i'm aware that user signon can be 'shared' across sites, but does that also carry the user's personal information, profile, signature, etc etc? or just the signon by itself?

i think it's best for me to share my user table using prefixes, as suggested, at least for users within my network of sites.

btw, if a user from drop.org signs on to drupal.org, assuming his/her profile information isn't transferred, what happens if that user wants to create profile information on drupal.org?

intel352’s picture

just to clarify, when i say single sign on, i'm referring to the ability to log onto one site, and be logged on across *all* related sites.

Prometheus6’s picture

The problem you have with single signon is you have seperate domains for each site. But not that you mentioned profiles, let me suggest you check out the FOAF module:

http://drupal.org/project/foaf

I haven't tried it but it sounds like it will do what you want.

intel352’s picture

yeah, i saw that module, it looks pretty nifty.

it would be nice if SSO could be managed by just having each site maintain cookies for all the sites in the network maybe.. lol, but i imagine browsers might kick at having multiple cookies being generated from a single domain for other domains

javanaut’s picture

I'm guessing your sites don't share a domain name? If they don't, then there are no simple solutions for you, but several complex ones exist :P

1. In the simplest case, all of your drupal sites could share users and profile tables (assuming that all of your sites' tables are in the same database but with distinct table prefixes). This wouldn't automatically log you into all sites, but the login, password and profile would follow users to each site.

2. If you want them to login only once and have instant authenticated access to all sites, you would need to setup a domain as your authentication domain that handled authentication for all of the other domains. You would probably create a module that implemented the "hook_auth" API. A common SSO technique is to send HTTP 302 redirects around to set authentication cookies for all appropriate domains (or set them as needed). In this scenario, if an anonymous user came to your site, your module would redirect them to the authentication domain. If they had a valid cookie there, they would be redirected back with some validation code and a cookie would be set for the proper domain.

There are other techniques for SSO, and it sounds like you may be familiar with some of them already. AFAIK, there is no such Drupal module that would allow for SSO in a way that is invisible to the user.

intel352’s picture

that was a very interesting post javanaut, i've not heard of the method(s) that you suggested in solution #2

regarding #1, I already accomplish that using a modified version of Xoops, and I definitely intend to do the same with Drupal once I find the best method (gotta find the docs on Prefixing again)

as for #2, would you happen to have any more knowledge in this area that you would like to share? (links for more info, etc?)
that's definitely the area that I want to explore. It doesn't bother me too much if the method isn't transparent, as long as it achieves the end goal without bothering the user *too* much.

javanaut’s picture

Most of my SSO experience is with non-Drupal sites. Most recently, I worked on a private site that does all of their authentication interface on a single domain. A cookie is set for the base domain and all subsites have access to that cookie. This is not really related to #2, though.

However, the mechanism used for authentication would use parts of it:

Say your SSO realm had 3 domains:
example-A.com
example-B.com
example-C.com

..and you setup auth.example-A.com as your main login spot.

If a user goes to example-B.com and is unknown, redirect to authentication URL:
http://auth.example-A.com/login.php?referer=http://page.example-B.com/st...

If user has valid cookie on example-A.com,
redirect user to http://page.example-B.com/stuff?uid=333&validation-token=12345
Otherwise,
make user login on example-A.com. Upon successful login, redirect back to http://page.example-B.com/stuff?uid=333&validation-token=12345

When user gets back to original page, now with uid and validation-token, a cookie is set for example-B.com.

If a user goes to example-C.com for the first time, they're bounced over to auth.example-A.com and returned with uid and validation-token set and a cookie gets set on example-C.com just like on example-B.com.

The main thing to keep in mind is that many browsers limit the number of redirects that they will follow before giving up.

Another (simpler) SSO technique I've seen uses the following methods:

#3. Whichever site they sign in on will include authentication images pulled from all sites in the SSO realm. I.e. if you sign into example-B.com, the "success" page that you see after signing in will include 1x1 pixel images pulled from example-A.com and example-C.com and they will look like:
(img src="http://example-A.com/login-img.php?uid=333&validation-token=12345")

Some browsers now block these 1x1 pixels, but theoretically, loading images from each of those sites should also set cookies from each. Because it relies on the browser to load these images from another site, it is less reliable than the HTTP 302 redirects in #2. It is, however, much simpler to implement.

intel352’s picture

thanks for the extended post ;-)

i'm going to research this further. i also found this project: http://lasso.entrouvert.org/download/ << Lasso - single sign on library with php bindings, so i'll research this a bit to see if i can get it to work with drupal :-)

astra’s picture

    I'm guessing your sites don't share a domain name? If they don't, then there are no simple solutions for you,

if multisites share one domain name. I'd like to know what are solutions to login only once.

In one case all multisites are in subfolders which like:

www.domain.com/drupal
www.domain.com/site1
www.domain.com/site2

In another case multisites share same domain but different subdomain, for examples:

http://drupal.domain.com
http://site1.domain.com
www.domain.com/site2

lcems’s picture

This is the second post I've found asking for an answer to this question and yet no one responds to it.... very frustrating.

VM’s picture

There's plenty of responses to this thread, have you tried to work through the methods outlined?

DaneAU’s picture

Hello,

I am currently doing the same thing. I have got it working partially. I am just in the process of identifying which database tables need to be prefixed and which can be shared. I am running a single install with subdomains.

I configured my subdomains in cPanel to point to /public_html
Drupal handles just about everything else required. You need to create multiple folders with individual settings.php files under your sites folder.

For instance i am running 4 sudomains, each will server different purposes. So in total i have the following sites.

  • example.com
  • projects.example.com
  • bugs.example.com
  • store.example.com
  • support.example.com

In turn i then have the following directory structure.

/public_html/sites/default/settings.php
/public_html/sites/example.com/settings.php
/public_html/sites/projects.example.com/settings.php
/public_html/sites/bugs.example.com/settings.php
/public_html/sites/store.example.com/settings.php
/public_html/sites/support.example.com/settings.php

The contents of the settings.php will have the same Database connection attributes and those that are to remain protected for each site or are specific to that site must be prefixed. For instance having users shared accross all sites would mean that you would not prefix it. However such things as Blocks may require prefixing, subsequently you will need to prefix it for the specific site in the specific settings.php

For example each file would contain something such as
settings.php /public_html/sites/example.com/settings.php

$db_prefix = array(
   'default' = 'shared_',
   'block'   = 'main_',
);

settings.php /public_html/sites/projects.example.com/settings.php

$db_prefix = array(
   'default' => 'shared_',
   'block'    => 'projects_',
);

settings.php /public_html/sites/bugs.example.com/settings.php

$db_prefix = array(
    'default' => 'shared_',
    'block'    => 'bugs_',
);

Once you have that, you go to your main sites install script (Note you must have the DB connection foo setup also) and run the install script.
example.com/install.php

Once installed, open up phpMyAdmin and look at your schema, you will need to select all tables not prefixed with main_ and then drop them. This is because the tables which will be left are those specific to the main site. Next go to your first subdomain and execute the install script.
projects.example.com/install.php

Run the script, now open up phpMyAdmin and look at your scheme, you will need to select all tables not prefixed with main_ or projects_ and drop them.

Repeat this until you have done all your subdomains. However on the final site do not drop the schema's as this will be shared across all sites.

Another thing is editing the line in each of the settings.php files that is
$cookie_domain = 'example.local';
Change it to your site such as
$cookie_domain = 'example.com';

Once i have a fully working site and have worked out all the database prefixes required through trial and error i will post back here with a link to a comprehensive tutorial.

Kind Regards
DaneAU

goose2000’s picture

So I think I get it. You run 2 sites from 1 database that holds mostly duplicate tables with a prefix. I thought I was supposed to setup an entie different DB with prefixes. Is this correct, one DB?

Isn't this heavy on the database/site performance, two sets of tables?

John

DaneAU’s picture

That is all it is. I was a little perplexed when i first stumbled on to this a few hours ago. I got a site up and and running that worked perfectly well, however i noticed that the tutorial/article i folled was a little outdated, although still very useful, check it out here.

I am quite sure it would be quite intensive. You can do these sorts of things accross multiple databases, i read through some documentation on it, however for my needs i won't be exploring that avenue.

Kind Regards
DaneAU

VM’s picture

it can be done in two databases to ease the burden on a single DB. When I pulled it off in D6 I used http://www.slideshare.net/jvandyk/multisite-van-dyk-walkah-presentation as a walkthrough.

Good luck.

DaneAU’s picture

Yea i have run into some issues. Mainly i cannot seem to get different 'Slogans' on a per site basis. All the persistent login stuff works wonderfully. I am now trying to configure my sites to share one database containing only the tables that need sharing and using separate databases per site for the customised tables.

Eg. If i have domains which are seperate sites.

example.com
foo.example.com

I create the following 3 databases.

db_shared
db_example
db_foo_example

I am not sure how to set this up in the settings.php , i just can't get it right although i am moving closer to a solution i believe.

That slide-show link was helpful, however it didn't cover the in detail specifics of the configuration file for what i am trying to achieve sadly.

In my settings.php file for the example.com site i am looking at doing something like this.

$databases['default']['default'] = array (
  'driver' => 'mysql',
  'database' => 'db_shared',
  'username' => 'foo',
  'password'  => 'bar',
  'host'          => 'localhost',
  'prefix'        => '',
);

$databases['default']['default'] = array (
  'driver' => 'mysql',
  'database' => 'db_example',
  'username' => 'foo2',
  'password'  => 'bar2',
  'host'          => 'localhost',
  'prefix'        => array (
       'default' => '',
       'users'    => 'db_shared.',
       'sessions' => 'db_shared',
       'role'        => 'db_shared',
       'authmap' => 'db_shared',
  ),
);

Then for the foourl.example.com\settings.php I am looking at doing something as follows.

$databases['default']['default'] = array (
  'driver' => 'mysql',
  'database' => 'db_shared',
  'username' => 'foo',
  'password'  => 'bar',
  'host'          => 'localhost',
  'prefix'        => '',
  ),
);

$databases['default']['default'] = array (
  'driver' => 'mysql',
  'database' => 'db_foo_example',
  'username' => 'foo2',
  'password'  => 'bar2',
  'host'          => 'localhost',
  'prefix'        => array (
       'default' => '',
       'users'    => 'db_shared.',
       'sessions' => 'db_shared',
       'role'        => 'db_shared',
       'authmap' => 'db_shared',
  ),
);

I am getting pretty confused with how to go about this :S

DaneAU’s picture

I joined the multi group and started a discussion there. I have my site working almost exactly if not exactly how i want it. Still testing various aspects of it.

I responded to the discussion with a guide of how i got things going. You can view it Here.

You can view the working site i have running currently. here

twohills’s picture

I don't have the answer immediately to hand but here's the place to start looking http://drupal.org/node/43816

danbh’s picture

the node you pointed too points right back to this discussion. :)

VM’s picture

not exactly. this node is 14697 the node pointed to is 43816 and its a handbook page that also includes this page, as well as a few others of interest.

This thread is actually pretty old, and the documentation may not have been available at the time of the writing of this topic.

goose2000’s picture

Could someone briefly explain how this is done; in MySQL Administrator ? or where? Never done that before. Thanks

John

K-O-N-G’s picture

Can do by edit your setting.php ( drupal/sites/default/ ). It require all database use same username and password.

$db_url = 'mysql://username:password@localhost/satellite1_domain_com';
$db_prefix = array(
'default' => 'satellite1_domain_com.',
'users' => 'store_domain_com.',
'sessions' => 'store_domain_com.',
);
goose2000’s picture

That did help - thanks. Starting to get it.

John

drupalina’s picture

just subscribing

phpdude’s picture

subscribing

tnguyen85’s picture

I am trying to install multisite (5.x) using same DB and shared users and sessions tables. I have done as described above and am using symlinks (my hosting company does not support true subdomains).

the initial install is at www.domain.com/drupal

i've modified a fresh settings.php file as follows.

$db_url = 'mysql://username:password@localhost/databasename';
$db_prefix = array(
'default' => 'SITE2_',
'users' => '',
'sessions' => '',
'role' => '',
'authmap' => '',
'sequences' => '',
'profile_fields' => '',
'profile_values' => '',
'users_roles' => '',
);

The db_url string exactly matches the string in the settings.php in the initial drupal install. the db_prefix string in the initial install was left as $db_prefix = '';

the symlink is at www.domain.com/drupal/site2. in other words, i have a symlink at ..site2 that points to the drupal folder. i believe that is the prescribed technique. am i wrong?

when i go to run the installer, i get "Drupal Already Installed" message. My research tells me that the installer should have checked my sites->site2 directory for the settings.php file. It seems like it is running into the settings.php file in the Default directory first.

any ideas?

arhak’s picture

subscribing

emi_bcn’s picture

Hi there,
Firs of all, you have to install drupal with a fresh new DB. AFTER having installed the second drupal site, you change its settings.php.

If you don't do so, Drupal will think it's already installed due to the existing data on shared tables. This is not what you really want.

PD: I suppose that, after 1 year and half, you've already done this. I just write this to new Drupal webmasters that are around here.

See you!!
emi

seanray’s picture

I would like not to share the database even Drupal support. This is not a scalable solution unless you forsee all the site hosting there will be small site.