cross domain auto login is not working.

We are testing wpengine.com services these days. We are on their premium package with our own dedicated server. I have following multi-site setup with them.

mymultisite.wpengine.com

we have used following instructions to have our main domain the primary domain for their network.

http://wpengine.com/support/how-to-change-a-multi-site-primary-domain/

After these changes we are able to access the network on

mydomain1.com

I have added a wild card entry in the dns using cname. so I am able to create subdomains on the fly.

I have 4 test sub-domains setup which are working fine. I am logged-in on all sites all the time.

sub1.mydomain1.com
sub2.mydomain1.com
sub3.mydomain1.com
sub4.mydomain1.com

I have installed domain mapping plugin and added 2 new cnames on my second domain dns.

test1.mydomain2.com --> mymultisite.wpengine.com

and

test2.mydomain2.com --> sub2.mydomain1.com

I then mapped both of these sub-domains using domain mapping plugin on mydomain2.com in following order.

test1.mydomain2.com --> sub1.mydomain1.com

and

test2.mydomain2.com --> sub2.mydomain1.com

I can access newly mapped domains fine. But Cross-domain autologin is not working. The option at network admin is already set to 'Yes'.

I am also planning to use multi-domain but needs to get this fixed first. I would really appreciate your help here.

  • chodhry

    Here you go. I have changed my multisite instance name and domain name according to the above example.

    Environment Configuration Details
    PHP
    Version 5.3.2-1ubuntu4.22
    max_execution_time 3600
    open_basedir
    memory_limit 256M
    upload_max_filesize 50M
    post_max_size 100M
    display_errors
    log_errors 1
    track_errors
    session.auto_start 0
    session.cache_expire 180
    session.cache_limiter nocache
    session.cookie_domain
    session.cookie_httponly
    session.cookie_lifetime 0
    session.cookie_path /
    session.cookie_secure
    session.gc_divisor 100
    session.gc_maxlifetime 1440
    session.gc_probability 25
    session.referer_check
    session.save_handler files
    session.save_path /var/lib/php5
    session.serialize_handler php
    session.use_cookies 1
    session.use_only_cookies 1
    error_reporting 4983
    E_ERROR
    E_WARNING
    E_PARSE
    E_CORE_ERROR
    E_CORE_WARNING
    E_COMPILE_ERROR
    E_USER_ERROR
    E_USER_WARNING
    E_RECOVERABLE_ERROR
    E_ALL
    MySQL
    Version 5.5.35-33.0-log
    Driver mysql
    key_buffer_size 64 MB
    max_allowed_packet 16 MB
    max_connections 200
    query_cache_limit 1 MB
    query_cache_size 0
    query_cache_type OFF
    WordPress
    Version 3.8.1
    ABSPATH /nas/wp/www/cluster-2811/mymultisite/
    WP_CONTENT_DIR /nas/wp/www/cluster-2811/mymultisite/wp-content
    WP_PLUGINS_DIR undefined
    SUNRISE on
    UPLOADBLOGSDIR undefined
    UPLOADS undefined
    SUBDOMAIN_INSTALL 1
    DOMAIN_CURRENT_SITE mydomain1.com
    PATH_CURRENT_SITE /
    SITE_ID_CURRENT_SITE 1
    BLOGID_CURRENT_SITE undefined
    COOKIE_DOMAIN .mydomain1.com
    COOKIEPATH /
    SITECOOKIEPATH /
    DISABLE_WP_CRON
    ALTERNATE_WP_CRON undefined
    DISALLOW_FILE_MODS
    WP_HTTP_BLOCK_EXTERNAL undefined
    WP_ACCESSIBLE_HOSTS undefined
    Web Server
    Software Apache
    Version Unknown
    Address 127.0.0.1
    Host pod-2811
    Remote HTTP Requests
    WPMU DEV: GET OK
    WPMU DEV: POST OK
    PayPal API: POST OK

  • Aaron

    First, your CNAMES should go to the primary domain, mydomain1.com.

    If you have DOMAIN_CURRENT_SITE or COOKIE_DOMAIN defined in your wp-config file, comment those out as they can cause issues.

    I don't think either of those is your problem though. I havn't been up to date comptely on the latest changes to domain mapping, but at least it used to be that cross domain login works like this:

    If you login to a mapped domain, you will receive cookies for just that domain. If you login on the root domain, it will loop through the "my sites" (sites your user has a role for) and set a logged in cookie for each. Note this is limited though, only a certain number of cookies can be set this way and avoid an error.

    Also when it sets cookies for the mapped domains, it only does this for the admin side currently, so you won't look logged in on the frontend.