Uploaded image for project: 'Single Sign On'
  1. Single Sign On
  2. MGNLSSO-300

Role sso-redirect-uri-authorizer doesn't work with multisite

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Major
    • None
    • 3.1.5
    • None
    • None

    Description

      When using Multisite / Domain mappings, specific rules seem to be required (ref. the customer's comment dated May 6th in HELPDESK-2601):

      This note is useless for anyone using the multisite module, since the installed role sso-redirect-uri-authorizer is not working if you’re using the multisite module. I guess this would be worth mentioning.

      And could you please give me an answer to the question:
      Isn’t the ACL supposed to be site independent if no site parameter is configured in front of the URL? 
      https://docs.magnolia-cms.com/product-docs/6.2/Administration/Security/Cross-site-security.html#_site_specific_acls
      Or how else do you configure an ACL that is valid for all sites? Because in our project we’re going to have multiple site definitions (20+) and I prefer not to configure an ACL rule on auth ( <site-name>/.auth ) for every site that’s created. This is really error prone.

      Steps to reproduce

      1. Configure multisite with multiple domains mapped
      2. Ensure you have a hosts setup where you can troubleshoot multisite/domains
      3. Log in from other domain
      4. Redirect loop? 

      Expected results

      Successful login from any domain

      Actual results

      Workaround

      Development notes

       

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                Unassigned Unassigned
                fmangold Fabian Mangold
                AdminX
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:

                  Checklists

                    Bug DoR
                    Task DoD