Cross domain autologin doesn't work

We created a brand new dev domain the other day and got our multisite setup and working. On that dev domain, as a Super Admin, we are able to move between subsite dashboards and are never asked to log in.

We've migrated that dev multisite to our live domain now, and until yesterday (I think) things were working fine. We noticed today though, that logged in as any Super Admin account, we are unable to visit subsite dashboards, the issue happens only with subsites which have mapped domains. We get prompted to log in. If we enter our Super Admin credentials, it works, but I don't know why we're being prompted to login in the first place.

We've tried enabling "Cross-domain autologin", but it doesn't work.

We've tried default .htaccess file and plugin conflict test, but it doesn't give any results.

  • viobru

    Hi, itsnotrocketsurgery!

    Hope you are doing great :slight_smile:

    I’m sorry to hear that you are having issues with this. I was checking this from my end and, for some reason, I’m getting an ERR_TOO_MANY_REDIRECTS when trying to access the dashboards of the subsites with mapped domains from the Sites page on Chrome browser. And this is happening on two different scenarios: sometimes I get the error right after clicking on the Dashboard link and other times I see the login screen and after entering the creds I get the error.

    I also noticed that, on Chrome browser, on the subsites with no mapped domain, when clicking on the dashboard link, I first see the WP login screen a few seconds and right after that I’m redirected to the dashboard of the subsite without having to enter the creds.

    So I tried to access the subsite by visiting https://ke*****.****ry.co.uk/wp-admin/ directly (which is where the Dashboard link from the Sites page redirects to) and even after getting the “You have logged in successfully. You will be redirected to the desired page during the next 5 seconds” message I got the ERR_TOO_MANY_REDIRECTS again.


    On the other hand, if trying to access any of the subsites’ dashboards from Sites’ page on Firefox browser, all they are redirecting to the login page and to access it I have to enter the creds again. And creds only work for non-mapped sites (subsites with mapped domains display an error).

    Could you please check this and let us know if you are getting this errors too?

    Many thanks in advance.

    Kind regards,
    Violeta

  • itsnotrocketsurgery

    Hi Violeta,

    Thanks for looking into this further.

    Here are my results as of now, using fresh Private Browsing sessions, from the Dashboard link in the network Sites page, when already logged in as Super Admin:

    CHROME
    Unmapped domains – take you to the login page, then redirects you to the dashboard a few seconds later
    Mapped domains – take you to the login page, then get stuck in a redirect loop

    FIREFOX & SAFARI
    Unmapped domains – take you to the login page and stop (no auto-login or redirecting). When I enter the Super Admin credentials again, it logs me in and I get the message "You have been logged in successfully. You will be redirected to desired page during next 5 seconds." Then it goes to the dashboard.
    Mapped domains – take you to the login page and stop (no auto-login or redirecting). When I enter the Super Admin credentials again, it logs me in and I get the message "You have been logged in successfully. You will be redirected to desired page during next 5 seconds." Then get stuck in a redirect loop.

    I think we're seeing the same behaviour.

  • Kasia Swiderska

    Hello itsnotrocketsurgery,

    So there are two issues right now on your site:

    1) Cross-domain not working - I checked with the developer and seems that there is a problem with new version of browsers, they are blocking mechanisms that allow for cross-domain login and the developer needs to rewrite it to adjust to recent changes.

    2) Redirect loop on mapped domains - seems that it was caused by the option in "Administration mapping" and "Login mapping" set to "domain entered by the user " - when I switched to "original domain " and redirect loop was gone after using admin credential.
    Could you check now if this issue is also gone on your side?

    kind regards,
    Kasia

  • itsnotrocketsurgery

    Hi Kasia,

    I've tested on all three browsers again, in private browsing for all of them, and for both domain mapped and non-mapped sub-sites. The results are now consistent and the same for all browsers:

    SAFARI, CHROME & FIREFOX
    Mapped/unmapped domains – take you to the login page and stop (no auto-login or redirecting). When I enter the Super Admin credentials again, it logs me in and I get the message "You have been logged in successfully. You will be redirected to desired page during next 5 seconds." Then it goes to the dashboard.

    So three things I think from here...

    1. Thanks for fixing the redirect loop issue for now :slight_smile:
    2. The auto-login currently isn't working, but will this be fixed when Domain Mapping has been updated to work with the new browsers?
    3. The English in that login message could do with a slight grammatical update. It should read:

    "You have been logged in successfully. You will be redirected to the desired page during the next 5 seconds."

    (Just the addition of two "the" words).

    Thanks! What next? :slight_smile:

  • Kasia Swiderska

    Hello itsnotrocketsurgery,

    2. The auto-login currently isn't working, but will this be fixed when Domain Mapping has been updated to work with the new browsers?

    This has not yet been fixed - I have been talking with the developer and this is quite tricky and they are still working on this one. There will be new Domain Mapping update soon, but it is already in the testing phase and most probably fix for cross-domain login will not make it into this release.

    3. The English in that login message could do with a slight grammatical update. It should read:

    "You have been logged in successfully. You will be redirected to the desired page during the next 5 seconds."

    Sure, I will report this to developers and they will make this adjustment.

    kind regards,
    Kasia

  • Panos

    Hi there itsnotrocketsurgery ,

    3. The English in that login message could do with a slight grammatical update. It should read:

    Thanks for the recommendation :slight_smile:

    Until this text has been changed in following release, you can change the text to anything you like by adding the following snippet:

    add_filter( 'login_message', function( $message ){
    
        if ( is_a( wp_get_current_user(), 'WP_User' ) && get_current_blog_id() != 1 ) {
            if ( Domainmap_Module_Cdsso::utils()->is_mapped_domain()  || Domainmap_Module_Cdsso::utils()->is_subdomain() ) {
                $message = '<p class="message">' . esc_html__( 'Changed redirect message', 'domainmap' ) . '</p>';
            }
        }
    
        return $message;
    }, 999 );

    Just remember to change the Changed redirect message to the message you want.

    If you're not familiar with mu-plugins, you can read about them here :
    https://premium.wpmudev.org/manuals/wpmu-manual-2/using-mu-plugins/

    In short, make sure you have the wp-content/mu-plugins folder created. Then create a new php file, or use an existing one, and paste the snippet.

    Hope this helps!

    Kind regards!

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.