Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Single Sign-On for Wordpress not working with Vanilla 2.0 rc1

mpraetzelmpraetzel New
edited June 2010 in Vanilla 2.0 - 2.8
Is there a plan to upgrade the Single Sign-On for Wordpress plugin? Once enabled it does not work and then I am completely unable to log back in to Vanilla 2 to disable to the plugin. I have deleted my Vanilla 2 forums database and reinstalled now trying to get this plugin to work 5 times. Pulling my hair out!


  • have you cleared your browser cache?
  • Hahahahaha. I am a web programmer. I clear my cache probably 10 times a minute as a formality. Also, my cookies.

    I tested this plugin in the 2.0 rc1 version of Vanilla 2 about 5 or 6 times. Each time I had to delete the Vanilla 2 installation database and config.php. Every time I would install and enable the plugin and add all the values given by the Single Sign-on associated wordpress plugin I'd log out to test. When I log in to Wordpress I am not logged in to Vanilla 2. Unfortunately once you enable the plugin you have to sign in via Wordpress so I'd have to start from scratch again to test the plugin.

    Mark, any ideas?
  • TimTim Operations Vanilla Staff
    Vanilla 2 RC1 completely refactored the authentication harness (or rather, added one) and implemented real OAuth SSO. One casualty of that change was the old 'handshakeauthenticator' stopped working. I'm currently working on a community-available version of the old authenticator that works with the new authenticator structure without depending on the OAuth stuff.

    Once its ready, i'll try to remember to come back and post in here.

    Vanilla Forums COO [GitHub, Twitter,]

  • @Tim

    Yeah, I'm having problems with the SSO plugin with Vanilla 2 as well. I installed it without any problems in both WordPress and Vanilla 2, punch in all the info, and then Vanilla 2 does this whole sing in again thing. It asks me if I want to create a new account or link my existing one. Either options fails to work. When I try to create a new account, I get this error:

    Fatal Error in Gdn_HandshakeAuthenticator.xReturningUser();

    Am I doing something wrong here or does this have to do with what you're fixing, Tim?
  • edited June 2010
    That's great! How far along is your work on this? Is it available on GitHub or anywhere that we might be able to chip in and assist? Thanks.

    Also, does anyone know where can I find a version of Vanilla 2 that will work with the old SSO plugin? I have the Garden GitHub repo, but the only tags are for RC1 and RC2; I'm not sure which commit would be a good place to go for the original authenticator.

    Do you know which version of Vanilla you're running? If you're running RC1 or later, SSO won't work. Otherwise, this could be a separate issue.
  • @jdbartlett

    I'm running RC1 as of right now. The kicker is that I installed it the day before RC2 was released. Does RC2 work with SSO as is? I'll be upgrading regardless.
  • @michaelalfox
    No, the current SSO plugin does not work in RC2. To be clear, the plugin isn't broken because of a bug in Vanilla, but because a new authentication system was introduced in RC1 which is not compatible with the SSO plugin. The new authentication system is what will be used by Vanilla from RC1 on; so any version of Vanilla 2 released since RC 1 is incompatible with the current SSO plugin. To use SSO, we'll need either a new version of the SSO plugin updated to work with Vanilla's new authentication system, or a patch that affects the old authentication system so that we can use the old SSO plugin. It sounds as though Tim's working on the latter option.
  • TimTim Operations Vanilla Staff
    @michaelalfox, @jdbartlett, @mpraetzel

    Here's how things work as of RC1.

    Basically the new authentication system allows multiple different 'authenticators' to handle user identities. These authenticators are interchangeable in a way, but they do different things. For example, there is a 'password authenticator' which is the one that logs you in based on your actual forum username and password. This is the default.

    We've added one called 'handshake authenticator' which is the new OAuth based version of Single Sign On, authenticating you based on a set of OAuth parameters in either a cookie, or the URL itself.

    What I'll be doing is adding another authenticator which implements the same functionality as the old SSO authenticator, thereby allowing SSO plugin to work again.

    As for how far I am, I have most of the work done, I just need to tie up some lose ends with it. Time permitting of course. (we have actual bugs to fix first!)

    Vanilla Forums COO [GitHub, Twitter,]

  • @Tim

    Thanks for the extra information. I'm new to Vanilla, but the new approach to authentication sounds flexible enough that I'll be able to build custom authenticators that more tightly integrate with my web apps without having to use the "session hijacking" style approach of the SSO plugin. That would be awesome.

    For now, I just needed to get a Single Sign-On system up and running quickly for a small project. I ended up going back to the vanillaforums/Garden GitHub repository to find the most recent commit in the master branch where Single Sign On still worked. This is the commit number I traced it back to:


    Obviously, this represents the code in a pre Release Candidate state; there have been bug fixes and apparently some major revisions since then. So if anyone's reading this thread several months from now, you almost certainly want to seek out what Tim's written instead of referring to this commit. But if like me, you just need to get the SSO plugin Version 1.1 working with your app in a pinch, you can do so by creating a local branch of the git repository from the above commit number.
  • TimTim Operations Vanilla Staff
    I'll probably have a working 'old mode' authenticator ready by the end of the day, or tomorrow at the latest.

    Vanilla Forums COO [GitHub, Twitter,]

  • Tim, where will this be posted?
  • TimTim Operations Vanilla Staff
    I'm going to hide it somewhere on the internet and leave you guys a trail of clues to find it :D

    Vanilla Forums COO [GitHub, Twitter,]

  • TimTim Operations Vanilla Staff
    (I'll mention it here and it will be in github)

    Vanilla Forums COO [GitHub, Twitter,]

  • @Tim

    Hi, Just wondering what the progress on this is..
  • TimTim Operations Vanilla Staff
    edited June 2010
    Just finished putting it together and doing some testing. If you grab the latest code from github you'll have it.

    Vanilla Forums COO [GitHub, Twitter,]

  • edited June 2010
    Great! I guess the new code won't work with the single sign on plugin. Will you be updating that as well? Or if you could provide me some tips and maybe some documentation on where to start looking I'll try patching it up myself.
  • Alright, so I just did a completely fresh install of RC2 and configured everything to get a nice shiny forum running. I then installed the SSO plugin (on Wordpress and Vanilla, of course) and started the setup process. Copied over the values from WordPress, did my enabling on the Vanilla side and as soon as I hit save, I get blank page with this error:

    Fatal error: Class 'Gdn_HandshakeAuthenticator' not found in /nfs/c06/h02/mnt/89205/domains/ on line 80

    I also made sure before enabling to change the default.php file to replace the instances where it said 'garden/plugin/singlesignon' with 'dashboard/plugin/singlesignon'.

    Now when I go to my forum and hit the sign in link, it just takes me to, where there isn't anything but a not found page.

    Not exactly sure what I've done wrong here. Any ideas?
  • Since there have been major changes, it's no surprise the plugin doesn't work anymore. In order to get this working out of the box, the plugin needs to be updated first.
  • That's kind of what I figured, but I also remembered that I'm really just a novice when it comes to this stuff and someone might be able to show me where I'm wrong. Or at least show a solution. If it's a matter of the plugin being updated, though, then I guess we'll just have to play the waiting game.

    I'd help if I had any knowledge of PHP and such.
  • TimTim Operations Vanilla Staff
    @desheikh, @michaelalfox, @mpraetzel, @jdbartlett, @flobster

    I just released a completely new version of the SSO Plugin itself on the addon site. Do give it a try and let me know how it works (or doesn't work) for you.

    Vanilla Forums COO [GitHub, Twitter,]

Sign In or Register to comment.