Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Single Sign-On for Wordpress not working with Vanilla 2.0 rc1
mpraetzel
New
Is there a plan to upgrade the Single Sign-On for Wordpress plugin? Once enabled it does not work and then I am completely unable to log back in to Vanilla 2 to disable to the plugin. I have deleted my Vanilla 2 forums database and reinstalled now trying to get this plugin to work 5 times. Pulling my hair out!
0
Comments
I tested this plugin in the 2.0 rc1 version of Vanilla 2 about 5 or 6 times. Each time I had to delete the Vanilla 2 installation database and config.php. Every time I would install and enable the plugin and add all the values given by the Single Sign-on associated wordpress plugin I'd log out to test. When I log in to Wordpress I am not logged in to Vanilla 2. Unfortunately once you enable the plugin you have to sign in via Wordpress so I'd have to start from scratch again to test the plugin.
Mark, any ideas?
Vanilla 2 RC1 completely refactored the authentication harness (or rather, added one) and implemented real OAuth SSO. One casualty of that change was the old 'handshakeauthenticator' stopped working. I'm currently working on a community-available version of the old authenticator that works with the new authenticator structure without depending on the OAuth stuff.
Once its ready, i'll try to remember to come back and post in here.
Vanilla Forums COO [GitHub, Twitter, About.me]
Yeah, I'm having problems with the SSO plugin with Vanilla 2 as well. I installed it without any problems in both WordPress and Vanilla 2, punch in all the info, and then Vanilla 2 does this whole sing in again thing. It asks me if I want to create a new account or link my existing one. Either options fails to work. When I try to create a new account, I get this error:
Fatal Error in Gdn_HandshakeAuthenticator.xReturningUser();
Am I doing something wrong here or does this have to do with what you're fixing, Tim?
That's great! How far along is your work on this? Is it available on GitHub or anywhere that we might be able to chip in and assist? Thanks.
Also, does anyone know where can I find a version of Vanilla 2 that will work with the old SSO plugin? I have the Garden GitHub repo, but the only tags are for RC1 and RC2; I'm not sure which commit would be a good place to go for the original authenticator.
@michaelalfox
Do you know which version of Vanilla you're running? If you're running RC1 or later, SSO won't work. Otherwise, this could be a separate issue.
I'm running RC1 as of right now. The kicker is that I installed it the day before RC2 was released. Does RC2 work with SSO as is? I'll be upgrading regardless.
No, the current SSO plugin does not work in RC2. To be clear, the plugin isn't broken because of a bug in Vanilla, but because a new authentication system was introduced in RC1 which is not compatible with the SSO plugin. The new authentication system is what will be used by Vanilla from RC1 on; so any version of Vanilla 2 released since RC 1 is incompatible with the current SSO plugin. To use SSO, we'll need either a new version of the SSO plugin updated to work with Vanilla's new authentication system, or a patch that affects the old authentication system so that we can use the old SSO plugin. It sounds as though Tim's working on the latter option.
Here's how things work as of RC1.
Basically the new authentication system allows multiple different 'authenticators' to handle user identities. These authenticators are interchangeable in a way, but they do different things. For example, there is a 'password authenticator' which is the one that logs you in based on your actual forum username and password. This is the default.
We've added one called 'handshake authenticator' which is the new OAuth based version of Single Sign On, authenticating you based on a set of OAuth parameters in either a cookie, or the URL itself.
What I'll be doing is adding another authenticator which implements the same functionality as the old SSO authenticator, thereby allowing SSO plugin to work again.
As for how far I am, I have most of the work done, I just need to tie up some lose ends with it. Time permitting of course. (we have actual bugs to fix first!)
Vanilla Forums COO [GitHub, Twitter, About.me]
Thanks for the extra information. I'm new to Vanilla, but the new approach to authentication sounds flexible enough that I'll be able to build custom authenticators that more tightly integrate with my web apps without having to use the "session hijacking" style approach of the SSO plugin. That would be awesome.
For now, I just needed to get a Single Sign-On system up and running quickly for a small project. I ended up going back to the vanillaforums/Garden GitHub repository to find the most recent commit in the master branch where Single Sign On still worked. This is the commit number I traced it back to:
39af68abcd6470212f52529736a9ace19099ba93
Obviously, this represents the code in a pre Release Candidate state; there have been bug fixes and apparently some major revisions since then. So if anyone's reading this thread several months from now, you almost certainly want to seek out what Tim's written instead of referring to this commit. But if like me, you just need to get the SSO plugin Version 1.1 working with your app in a pinch, you can do so by creating a local branch of the git repository from the above commit number.
Vanilla Forums COO [GitHub, Twitter, About.me]
Vanilla Forums COO [GitHub, Twitter, About.me]
Vanilla Forums COO [GitHub, Twitter, About.me]
Hi, Just wondering what the progress on this is..
Vanilla Forums COO [GitHub, Twitter, About.me]
Great! I guess the new code won't work with the single sign on plugin. Will you be updating that as well? Or if you could provide me some tips and maybe some documentation on where to start looking I'll try patching it up myself.
Fatal error: Class 'Gdn_HandshakeAuthenticator' not found in /nfs/c06/h02/mnt/89205/domains/mydomain.com/html/forum/plugins/SingleSignOn/default.php on line 80
I also made sure before enabling to change the default.php file to replace the instances where it said 'garden/plugin/singlesignon' with 'dashboard/plugin/singlesignon'.
Now when I go to my forum and hit the sign in link, it just takes me to http://mydomain.com/default, where there isn't anything but a not found page.
Not exactly sure what I've done wrong here. Any ideas?
I'd help if I had any knowledge of PHP and such.
I just released a completely new version of the SSO Plugin itself on the addon site. Do give it a try and let me know how it works (or doesn't work) for you.
Vanilla Forums COO [GitHub, Twitter, About.me]