Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Problems integrating Vanilla with my site using ProxyConnect
I have own site with about 200 registered users. I am trying to integrate Vanilla forum to my site (CMS) using ProxyConnect. I have spent about 2 days on this but there are no success.
I have:
My site (self written CMS on php). Users stored in table 'Users' in MySQL DB.
Vanilla 2.0.15.
ProxyConnect 1.8.4 plugin.
Localhost. Ubuntu 10.04. Apache 2. PHP 5.3.2. MySQL.
Firefox 3.6.12.
That is what I do:
1. Install Vanilla to mysite.com/forum directory. While installation I have setted email (mikest@myemail.com), username (mikest), password (123456) the same as my site admin account (in my self written CMS). Vanilla installed succesfully.
2. Extract ProxyConnect to mysite.com/forum/plugins and enable it in Dashboard.
3. Then I configure ProxyConnect like this:
Main Site URL: http://mysite.com
Authenticate URL: http://mysite.com/vanillaProxy
Registration URL: http://mysite.com/registration
Sign-In URL: http://mysite.com/login
Sign-Out URL: http://mysite.com/logout
Vanilla Cookie Domain: http://mysite.com (<---- WHAT VALUE IT MUST BE ???).
4. In my CMS I created url http://mysite.com/vanillaProxy and function which returns information in the form of:
UniqueID=123
Name=mikest
Email=mikest@myemail.com
It works ok.
5. I have added this lines at the end of my logout() CMS's function:
setcookie('Vanilla', ' ', time() - 3600);
unset($_COOKIE['Vanilla']);
6. I set ProxyConnect as Current Authenticator in Vanilla.
7. Then I sign out from Vanilla forum.
8. Then I go to mysite.com/forum and press 'Sign In' link. It redirects me to mysite.com/login. I fill in the login form with my CMS admin account user:mikest, password:123456 (email:mikest@myemail). It signs me in to my site and redirects me to main page mysite.com.
9. Then I go to mysite.com/forum. AND it goes to infinite loop and does not open anything. In FireBug I see about 20 records about url: http://mysite.com/forum/index.php?p=/entry/handshake/proxy.
That is no all. If I delete all forum and its data base tables and do all this steps from 1 to 8 again. BUT in step 3 I do NOT set 'Vanilla Cookie Domain', I leave it empty. Then when at step 9, I go to mysite.com/forum, it redirects me to mysite.com/forum/index.php?p=/entry/handshake/proxy where I connect my existing account. And all is seems ok. All works ok if sign in and sign out as admin user (username:mikest).
BUT
Then I sign out from forum, It signs out from my CMS and forum. Then I am trying to sign in with other user account. I go to mysite.com/forum, it redirects me to mysite.com/login. I fill in login form with other user data - username:bob, password:mypassword123. It redirects me to my mysite.com and signs me in at my CMS. Then I go to mysite.com/forum. And it opens normal BUT it shows that I signed in as user 'mikest'!!! I have tried to clean my cookies before to login as user 'bob' but nothing helps. I also tried to do it in another browser but it always signs me in like I am user 'mikest'. I have checked that my Authenticate URL: http://mysite.com/vanillaProxy returns correct information for user 'bob'. I also checked that at Gdn_ProxyAuthenticator->Authenticate() function of ProxyConnect it gets correct information about 'bob' from Authenticate URL. I also tried this: http://vanillaforums.org/discussion/13698/patch-for-proxyconnect-problems but it does not helps.
It drives me crazy, I dont understand why this is so. Could somebody help me, please?
I have:
My site (self written CMS on php). Users stored in table 'Users' in MySQL DB.
Vanilla 2.0.15.
ProxyConnect 1.8.4 plugin.
Localhost. Ubuntu 10.04. Apache 2. PHP 5.3.2. MySQL.
Firefox 3.6.12.
That is what I do:
1. Install Vanilla to mysite.com/forum directory. While installation I have setted email (mikest@myemail.com), username (mikest), password (123456) the same as my site admin account (in my self written CMS). Vanilla installed succesfully.
2. Extract ProxyConnect to mysite.com/forum/plugins and enable it in Dashboard.
3. Then I configure ProxyConnect like this:
Main Site URL: http://mysite.com
Authenticate URL: http://mysite.com/vanillaProxy
Registration URL: http://mysite.com/registration
Sign-In URL: http://mysite.com/login
Sign-Out URL: http://mysite.com/logout
Vanilla Cookie Domain: http://mysite.com (<---- WHAT VALUE IT MUST BE ???).
4. In my CMS I created url http://mysite.com/vanillaProxy and function which returns information in the form of:
UniqueID=123
Name=mikest
Email=mikest@myemail.com
It works ok.
5. I have added this lines at the end of my logout() CMS's function:
setcookie('Vanilla', ' ', time() - 3600);
unset($_COOKIE['Vanilla']);
6. I set ProxyConnect as Current Authenticator in Vanilla.
7. Then I sign out from Vanilla forum.
8. Then I go to mysite.com/forum and press 'Sign In' link. It redirects me to mysite.com/login. I fill in the login form with my CMS admin account user:mikest, password:123456 (email:mikest@myemail). It signs me in to my site and redirects me to main page mysite.com.
9. Then I go to mysite.com/forum. AND it goes to infinite loop and does not open anything. In FireBug I see about 20 records about url: http://mysite.com/forum/index.php?p=/entry/handshake/proxy.
That is no all. If I delete all forum and its data base tables and do all this steps from 1 to 8 again. BUT in step 3 I do NOT set 'Vanilla Cookie Domain', I leave it empty. Then when at step 9, I go to mysite.com/forum, it redirects me to mysite.com/forum/index.php?p=/entry/handshake/proxy where I connect my existing account. And all is seems ok. All works ok if sign in and sign out as admin user (username:mikest).
BUT
Then I sign out from forum, It signs out from my CMS and forum. Then I am trying to sign in with other user account. I go to mysite.com/forum, it redirects me to mysite.com/login. I fill in login form with other user data - username:bob, password:mypassword123. It redirects me to my mysite.com and signs me in at my CMS. Then I go to mysite.com/forum. And it opens normal BUT it shows that I signed in as user 'mikest'!!! I have tried to clean my cookies before to login as user 'bob' but nothing helps. I also tried to do it in another browser but it always signs me in like I am user 'mikest'. I have checked that my Authenticate URL: http://mysite.com/vanillaProxy returns correct information for user 'bob'. I also checked that at Gdn_ProxyAuthenticator->Authenticate() function of ProxyConnect it gets correct information about 'bob' from Authenticate URL. I also tried this: http://vanillaforums.org/discussion/13698/patch-for-proxyconnect-problems but it does not helps.
It drives me crazy, I dont understand why this is so. Could somebody help me, please?
Tagged:
2
Comments
This worked for me:
1. BEFORE (!!!) installing the forum on the server you MUST apply the patch: http://vanillaforums.org/discussion/13698/patch-for-proxyconnect-problems
(just change one line in code).
2. 'Vanilla Cookie Domain' field in ProxyConnect configuration MUST be empty. [see step 5 in my original message].