Single sign-on for multiple single WordPress installs (6 posts)

  1. alnashar
    Posted 3 years ago #

    I've been searching a lot for a way to implement single sign-on across multiple wordpress installs..
    I have a single install of wordpress for one site and plan to build a new separate site with a different domain..
    Having the same community and user base for both site is a huge plus and would benefit the site a lot..

    I found that you can have two WordPress installs sharing the same DB and then to have single sign-on you can share the same user tables across both installs by adding two simple lines to wp-config in the second website, like so:

    define('CUSTOM_USER_META_TABLE', 'firstsite_usermeta_table');

    But it would seem this is not working properly after WordPress 3.0 and all posts regarding this solution are not updated..
    Is there any way this can be implemented for WordPress 3.0+?

    I also looked at implementing the new WordPress Network feature seeing how I would have the same users and have both sites in the same admin page, but then again it depends on sub domains and feels like it was built to add sub-blogs to a main blog, which is not entirely what I want..
    Is there any cons. to converting the website to a network? will some plugins not work for instance? and would it infect the performance of the server or the db if it's two full fledged websites that expect high traffic?


  2. Knut Sparhell
    Posted 3 years ago #

    This is a clear case for Multisite and a plugin for separate domains. A Multisite is a network of sites sharing the same network admin(s) and users. Using Multisite means you have a standard setup, and may easily get help if something stops working.

    Having two or more single installs using a common login is possible, but would not recommend it for non-experts. I have been experimenting with it once, just to learn, as I'm no expert on such a setup.

    In addition to define common user and usermeta tables, you need to tell the browsers that if you are logged in in to one site, then they are also logged in to the other. To do this the cookies need to based on the same domain (and path) and passwords have the same hash (encryption), both in the database and as cookies. The following additional setup may not work for different domains, but it should work in a subdomain (at least I got it working, finally):

    $root_host = 'your-first-site-host';
    define( 'COOKIE_DOMAIN', '.'.$root_host );
    define( 'COOKIEHASH', md5('http://'.$root_host) );

    Then, you have to copy some (or all) of the secret keys, so that are the same on both sites. At lest the keys that have to do with login.

    Before testing, be sure to delete all browser cookies belonging to the domain, and restart your browser.

  3. I will point out that even with single sign on, you aren't magically logged in to all domains at once, due to cross cookie contamination (tl;dr - for your own protection, you can't have cookies cross domains). That said, the same username/password combo works :)

  4. alnashar
    Posted 3 years ago #

    Thanks for the reply,
    Not begin logged in across all sites and having the user login again when changing the site is not an issue. I only need the users to be the same and synced across the sites. So messing with cookies and all that wont be needed..

    So you do recommend building the two sites using the WordPress Network feature, even if they aren't sub-blogs?

  5. Yes :)

    Subblog is just a designation for us humans, it doesn't actually mean the sites are related. Each site is separate.

  6. todiadiyatmo
    Posted 3 years ago #

    Thanks broo, you save my day. This is really helpful !

Topic Closed

This topic has been closed to new replies.

About this Topic