There is a bug on SSO when site configured like this :
Administration mapping : original domain
Login mapping : original domain
Cross-domain autologin : async unchecked
Force http/https (Only for original domain) : frontend and backend forced to https
The cookies aren't created for the user with the $this->_do_propagation for the "public" domains and the preview doesn't work at all since the frontend domains aren't considered as logged-in.
So I have to check the "async" checkbox, but on frontoffice I do not want theses calls from the frontoffice to the 'contribution domains'.