Details
-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
3.1.5
-
None
-
None
Description
When using Multisite / Domain mappings, specific rules seem to be required (ref. the customer's comment dated May 6th in HELPDESK-2601):
This note is useless for anyone using the multisite module, since the installed role sso-redirect-uri-authorizer is not working if you’re using the multisite module. I guess this would be worth mentioning.
And could you please give me an answer to the question:
Isn’t the ACL supposed to be site independent if no site parameter is configured in front of the URL?
https://docs.magnolia-cms.com/product-docs/6.2/Administration/Security/Cross-site-security.html#_site_specific_acls
Or how else do you configure an ACL that is valid for all sites? Because in our project we’re going to have multiple site definitions (20+) and I prefer not to configure an ACL rule on auth ( <site-name>/.auth ) for every site that’s created. This is really error prone.
Steps to reproduce
- Configure multisite with multiple domains mapped
- Ensure you have a hosts setup where you can troubleshoot multisite/domains
- Log in from other domain
- Redirect loop?
Expected results
Successful login from any domain
Actual results
Workaround
Development notes
Checklists
Attachments
Issue Links
- relates to
-
MGNLSSO-298 Module update tasks not working in SSO > 3.1.0
-
- Closed
-