When we use an auto sub domain: demo.domain.com
The sites spin up and we can access them fine.

However, when you try to login to the site via the auto sub domain alias such as:
www-site-com.demo.domain.com

You get access denied and refreshed back to the login screen. If you set the cookie_domain in local.settings.php it all works as expected:

<?php
$cookie_domain
= 'www-site-com.demo.domain.com';
?>

Is this by design?

Comments

Category:support» bug
Status:Active» Fixed

There was some confusion because of issues with Domain Access used in different modes - logging in via any alias keeps you logged out on another alias then, so it is required to use SERVER_NAME instead of HTTP_HOST, but because we can't determine if DA is enabled and how this module is used, we have switched to use HTTP_HOST for $cookie_domain by default, as it was previously.

See the code for reference: http://drupalcode.org/project/octopus.git/blob/HEAD:/aegir/conf/global.i...

<?php
if (file_exists('sites/'. $_SERVER['SERVER_NAME'] .'/modules/cookie_domain.info')) {
   
$domain = '.'. preg_replace('`^www.`', '', $_SERVER['SERVER_NAME']);
  }
  else {
   
$domain = '.'. preg_replace('`^www.`', '', $_SERVER['HTTP_HOST']);
  }
 
$domain = str_replace('..', '.', $domain);
  if (
count(explode('.', $domain)) > 2) {
    @
ini_set('session.cookie_domain', $domain);
   
$cookie_domain = $domain;
   
header("X-Cookie-Domain: " . $cookie_domain);
  }
?>

Note that you can still force using SERVER_NAME for $cookie_domain with control file modules/cookie_domain.info

makes sense. Thanks for the reply.

Status:Fixed» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.