Support » Plugin: WP User Manager - User Profile Builder & Membership » Custom login form does not work with SSO

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor Alessandro Tesoro

    (@alessandrotesoro)

    Hi @guyinpv

    I don’t have experience with those two plugins so I’m not sure of how much help I can be. How does the SSO work exactly? Are there any specific buttons you need to click to activate it? Or is the login form just supposed to “work” with the same details across all sites?

    My best bet is that those plugins are specifically checking for the GET parameters only on the wp-login.php page? Again, I’ve never used those two plugins so I could be completely wrong here. But if I’m correct, then you’d need to do some custom coding to integrate the SSO within the WPUM’s login form process.

    Something else you could try is to disable WPUM’s modification of the authentication process and the modification of the login url. Not guaranteed this would make any difference.

    You can disable those two by adding the following lines to your theme’s functions.php file

    
    remove_filter( 'authenticate', 'wpum_authentication', 20 );
    remove_filter( 'login_url', 'wpum_login_url', 10 );
    

    Apologies if I can’t be of much help in this case.

    Thread Starter Guyinpv

    (@guyinpv)

    Thanks for the quick reply. Unfortunately those filters didn’t work.
    I’m not using the force login URL setting, although I’d like to (that’s the part that breaks it). It does work when NOT doing that and using the normal WP login page.

    The SSO is relatively simple process with these steps:
    1) On the slave site, there is a login button that references /?auth=sso. This kickstarts the SSO plugin into action.

    2) The SSO plugin now redirects to the master site with a URL that includes all the necessary meta-data, the URL looks like this:
    https://examplemastersite.com/login/?redirect_to=https://examplemastersite.com/?oauth=authorize&response_type=code&client_id=EZiVxxxxxxxxxxNk&client_secret=Mc3Oxxxxxxxxxxxxxxxxx2w3R&redirect_uri=https%3A%2F%2Fexample.com%2F%3Fauth%3Dsso

    3) Now with that URL, I’m sitting at the login screen of WPMU, with all that stuff in the URL. The WPMU login is simply the username and password. I type those and click Login. The page grinds for a couple seconds and then I get the oauth JSON error message back “No client id supplied”. Here is a screenshot of the error, presented by Firefox. https://www.dropbox.com/s/ewfi37pgvhhfaiz/cant%20login.png?dl=0

    So, the error is that the client id is missing. But the client id was in the URL parameters. So my assumption is that the WPMU login functionality is just not taking those params and passing them through so the oauth plugin can do its thing.

    I know the standard WP login screen does this because you often see a redirect URL in the query parameters. WP is obviously storing that value and passing it on for a redirect later on. It must be storing and passing on those oauth parameters as well?

    In the case of WPMU, maybe it’s not?

    If any of this makes sense, perhaps it’s something that is quick to add? Just pull in all the query parameters and pass them along when logging in? Can I do this myself with any filters or hooks?

    Lastly, if you had the time and wanted to test the OAuth stuff, both plugins are free, and you can follow this quick tutorial to set it up on a couple test sites: https://www.youtube.com/watch?v=2JBr9uxO2Yc

    Thanks for any more help!

    Plugin Contributor Alessandro Tesoro

    (@alessandrotesoro)

    Hi @guyinpv

    I’ve installed the 2 plugins on my end, configured them both on each site but I’m not getting your same error.

    On my end, whem the “lock wp-login” setting is enabled on both sites, nothing happens. I’m not even redirected to any login form, not the wpum one nor wp-login.php.

    When the the setting is disabled instead, SSO works fine because it goes through the wp-login.php page. I’m assuming you obviously would like to use the WPUM login form instead of the wp-login.php, is that correct? If so, how are your urls configured? I’ve just used the site’s domains.

    Let me know and maybe I might be able to figure it out.

    Thread Starter Guyinpv

    (@guyinpv)

    Thanks for digging in to this!

    On the master site, you would have a custom login page, we happen to be using Elementor Pro to create it, and then putting the WPMU shortcode into there. Once this custom login page is created with the shortcode, edit the WPMU settings to make this new page the login page, then turn on the lock wp-login setting.

    Assuming SSO is set up now.

    On the slave site, all you need is a custom button or link that references itself with the URL like exampleslave.com/?auth=sso.
    When this URL is hit on the slave site, the SSO plugin takes over and will redirect to the master site with the long URL I posted before. This should take you now to the custom login page.

    Then you can attempt to log in.

    On my sites, what happens is that the user does indeed get logged in to the master site, but the SSO doesn’t work, they don’t get logged in to the slave site as well, the error comes back.

    Basically all you would need to test is if you turn on lock setting and have a custom login page, does it actually work when logging in SSO? Does it log them in on the slave site?

    I don’t know if we can send private messages or anything but I’d be happy to record a screencast showing all the stuff going on if I could send it to you privately.

    Plugin Contributor Alessandro Tesoro

    (@alessandrotesoro)

    Hi @guyinpv

    Apologies for late reply. On my end I believe I have the same setup as yours but I’m not redirected to the WPUM login page on the slave site for some reason.

    Would you please be able to email me at support@wpusermanager.com and send me a screencast there? That would help so I can try see if I’ve missed something.

    Thank you.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Custom login form does not work with SSO’ is closed to new replies.