Incorrect or out of date login key

Hello

I have a large WordPress site running on address myserver.com. I have a lot of clients who want to run their own sites with their own domains.

I currently have those sites running on sub-domains like
client1.myserver.com
client2.myserver.com

I'm using WPMU Dev Domain Mapping plugin to map following for them:

For Client 1:
client1.com
http://www.client1.com (starred)

For Client 1:
client2.com
http://www.client2.com (starred)

Their sites work fine, but when they login, they can't anymore VIEW their own site. They can do site managing fine, but when they try to open a new tab and go to http://www.client1.com, an error message "Incorrect or out of date login key" appears and the browser keeps loading. Browser URL also changes to
http://www.client1.com/category/henkilokunta/?__domainmap_action=domainmap-authorize-user&auth=adminusername|1410013941|HsJBgMfS5wzzUGnMLfiuIG1lp1d0e4n3vJPrQZE9aMA|b4292679c67d0672d8bc9c1a3d41aed961577274f17ae462897d6a380b0da901

So far the clients have been using another browser (Firefox) to view the site. However this is not a very elegant solution.

  • Hoang Ngo

    Hi

    Great to hear that worked for you :slight_smile:

    Yah, this issue cause because it's make the cookies conflict. I the scenario, you have logged in the subdomain, now the cookie will save you as for the sub domain. But after that, you login in to the mapped domain, now the conflict happened, and wordpess can not verify the cookie value for the new domain. So clear cookie will fix this :slight_smile:

    If you have any issues please don't hesitate to let us know so we can assist

    Best regards,
    Hoang Ngo

  • timstrifler

    This just happened to me as well. The only difference, is the site that it happened on did not map a domain. I have the domain mapping plugin activated, but the site wasn't using a mapped domain. It just randomly wouldn't let me view the site when logged in. If logged out, I could view the site, but if I tried to view the site when logged in, I received the error: Incorrect or out of date login key

    Thankfully this was a test site, however I have no way of knowing how many customers I lost, if this happened to them as well.

    Can this be looked into more? My customers who use my sites on my multisite network are not tech savvy people, and I hardly think that asking them to "clear their browsing cookies" is a good solution. This is a bug in the code and should be fixed.

    • Sybre Waaijer

      Hi @Sam! I'd like to suggest the following, instead of:

      wp_die( __( "Incorrect or out of date login key", 'domainmap' ) );

      This (something along the line of):

      unset($_COOKIE['INPUT_GET']);
      wp_die( __( "Incorrect or out of date login key, redirecting in 5 seconds", 'domainmap' ) );
      sleep(5);
      wp_redirect( home_url( '/wp-login.php' ) );
      exit;

      This example is untested, probably not working and I'm not even sure if INPUT_GET is a cookie :smiley: But I think you'll get the idea ^^

      For non-code savvy: It basically logs the current user out and redirect them to the login page after 5 seconds.

      The principles have been tested, I redirect myself manually from the Error page to the login page on that site and log in again and I will be redirected from there to the website's dashboard, the Error won't occur again after the CDSSO kicked in (for the time being).

      Currently I'm testing this on my live site, I'll report back with my customer's complaints xD:

      /*wp_die( __( "Incorrect or out of date login key", 'domainmap' ) );*/
      wp_redirect( home_url( '/wp-login.php' ) );
      • Sybre Waaijer

        All aboard the nope-train for my redirect suggestion (last piece of code), it'll cause a login page reload loop in some cases :')

        $location = home_url('/wp-login.php');
        $status = 307; // One-time non-cached Redirect because of error - Useable from WP 4.1 in wp_die as well
        header( "Refresh:5;url=" . $location,TRUE,$status );
        wp_die( __( "Incorrect or out of date login key, redirect in 5 seconds to login page. If not, click here:", 'domainmap' ) . ' <a href="' . $location . '">' . $location . '</a>' );
        /*wp_die( __( "Incorrect or out of date login key", 'domainmap' ) );*/

        Testing this now :slight_smile: so far so good

        • Sybre Waaijer

          Ugh, the edit time on these forums are too low for me :slight_frown:

          Anyway, I got a very temporary (visual) fix for anyone who has a lot of costumers on their website running into this problem. This does not fix the root cause which I know nothing about. Only apply the code below if you know what you're doing and willing to take the risk.

          So, on line 345 (I could be off) in domain-mapping/classes/Domainmap/Module/Cdsso.php change the following line, from:
          wp_die( __( "Incorrect or out of date login key", 'domainmap' ) );

          To:

          $redirecturl_clean = home_url('/wp-login.php');
          $redirecturl = home_url('/wp-login.php?redirect_to=') . urlencode( $_SERVER['REQUEST_URI'] );
          header( "Refresh:5;url=" . $redirecturl,TRUE,307 );
          wp_die( __( "Your cookies are out of sync. Redirect in 5 seconds, if not click the link below<br /><strong>See this message more often? <a href='https://support.google.com/accounts/answer/32050?hl=en' target='_blank'>Clear your cookies</a>.</strong>", 'domainmap' ) . '<br /><br /><a href="' . $redirecturl . '">' . $redirecturl_clean . '</a>' );

          Now just let's wait for the almighty WPMUdev staff for a real fix <3

          • Sybre Waaijer

            Hi @Ossi! I cannot reply more than 5 levels deep so this is a bit weird lol.

            Anyway, I would like to stress that this does not fix the root problem, this will only redirect the user when the problem occurs so the user can still log in and stays on the website after this error shows up.

            It also does give a little more information than "out of date key" does so the non-techy users (which are more than 99% of them?) know what's going on and what to do instead of looking for their car keys.

            It also allows the user to interact with your website without fiddling with their browser('s url bar) or even worse, closing the window.

            However, it's a nice addition to have and keep (or adjust for the better) although it might not be perfect :slight_smile:

            There are a lot of issues with domain mapping and all these issues are caused by this: it's freaking difficult and absolutely unnatural for your browser and server, there are also many different server/website configurations that need to be considered. Luckily Sam, Hoang Ngo and the rest of the WPMUdev team are brilliant :slight_smile:

            P.S. I can almost replicate this issue instantly since the last update. About every 1 to 2 re-logs and crossing over the 9 mapped domains I almost always get 2 or 3 sites that give these errors, which of these give the error is random. This also accounts HTTPS sites. My customers have been complaining too so that's why I looked it up and came here. This mostly happens when 2 or more tabs are open on the server, say "maindomain.com = tab1" and "userdomain1.com = tab2" for example.

  • RavanH

    Hi all,

    I'm (or rather, site owners on my network) running into this issue on a too regular basis these days. I'm getting more and more complaints and even though clearing the browser cookie cache or forcing a logout by passing via /wp-login.php?action=logout (is that not a good redirect URL instead of showing any cryptic message!?) works, clients are very unhappy about this.

    @Ossi quick question: Are you using any form of Cache? If so, are you using Object Cache?

    I our case: yes we are using W3TC for memcached object caching.

    We are also using Domain Mapping in combination with Multi-Domains with SSO enabled. So that might also play a role here... And one final note: when I switch the Domain Mapping network options for "Login/Administration mapping" to any other setting, the issue also disappears (without clearing cookies) but after a while it will start again :slight_frown:

    Hope this can be resolved soon!

  • RavanH

    Just to let others know: we're using the following code to replace the unhelpful "Incorrect or out of date login key" text with some more info and a working logout link:

    $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
    wp_die( sprintf( __( "Incorrect or out of date login key. Please clear your browser cookies or <a href='%s'>log out</a> and back in again.", 'domainmap' ), wp_logout_url( $redirect_to ) ) );
  • Sybre Waaijer

    For anyone interested, I'm only using Page Cache at this moment. Disabling Fragment cache was a must because it was bugged and Disabling Object cache also improved overall performance - This might differ per server and its configuration. Because of this, I discovered a way to prevent any out of date keys and with that I prevented any SSO loops.

    If you're using Apache's MPM Worker I'd advice you to switch to MPM Prefork - This is done on the server level. I'm not sure if it would help you but I noticed a much more steady performance in the admin side of my sites. I'm pretty convinced that this has nothing to do with the bugs described in this topic, but it might just be the weird key.

    Anything you can do on the W3 Total Cache level to prevent these problems is as follows:
    - Disable all caches besides Page Cache, you can still use the CDN, NewRelic, Varnish, Google Analytics and w/e features.
    - Enable "Use single network configuration file for all sites".
    - In Page cache, disable Cache URIs with query string variables
    - In Page cache, enable "Don't cache pages for logged in users"
    - In Page cache, enable "Don't cache pages for the following user roles: Admin, Editor, etc.
    - In Page cache, disable Late initialization
    - In Page cache, add the following 3 lines of code in "Never cache the following pages:"
    .*/\?__domainmap_action=domainmap-authorize-user.*
    http://yourdomain\.com/wp-admin/admin-ajax\.php\?action=domainmap-setup-cdsso
    https://yourdomain\.com/wp-admin/admin-ajax\.php\?action=domainmap-setup-cdsso

    Change yourdomain\.com into your domain :slight_smile:

    Alter any other settings to the ones you'd like.

    If you have tried out the above suggestions, let us know if it helped you :slight_smile: For me it has :slight_smile:

  • Sybre Waaijer

    Hi there,

    I would like to add that I found the core problem of this: You're logged in other sessions.

    Brilliantly, since WordPress 4.1 the user's profile page contains a "destroy-sessions" options, this will log the user out of all other sessions and will make them enjoy your website again.

    I would like to announce that this will solve the problem of "incorrect and out of date keys" if implemented correctly.

    I've pulled out all the code that's required and ordered them in order of necessity. All that's needed is for this code to be implemented and the user can log himself out of all other sessions with a click of a button and thus fix the problem instantly.

    This could also be done automatically (so without a button, with a notification) to which I do not see any problem, alas they do have to log in again on the other device but hey, they will be able to use the website again :smiley:.

    Here's the code, unfortunately I do not have the time to implement this so I'd like to assign this job to @Sam or any other involved developer on Domain Mapping for an overall bug free user experience.

    <!-- user-profile.js
    ------------------------>
    <script type="text/javascript">
    (function($){
    	$( '#destroy-sessions' ).on( 'click', function( e ) {
    		var $this = $(this);
    
    		wp.ajax.post( 'destroy-sessions', {
    			nonce: $( '#_wpnonce' ).val(),
    			user_id: $( '#user_id' ).val()
    		}).done( function( response ) {
    			$this.prop( 'disabled', true );
    			$this.siblings( '.notice' ).remove();
    			$this.before( '<div class="notice notice-success inline"><p>' + response.message + '</p></div>' );
    		}).fail( function( response ) {
    			$this.siblings( '.notice' ).remove();
    			$this.before( '<div class="notice notice-error inline"><p>' + response.message + '</p></div>' );
    		});
    
    		e.preventDefault();
    	});
    
    })(jQuery);
    </script>
    
    <?php
    /* user-edit.php
    ------------------------ */
    if ( is_multisite()
    	&& ! current_user_can( 'manage_network_users' )
    	&& $user_id != $current_user->ID
    	&& ! apply_filters( 'enable_edit_any_user_configuration', true )
    ) {
    	wp_die( __( 'You do not have permission to edit this user.' ) );
    }
    
    /* admin-ajax.php
    ------------------------ */
    $core_actions_post = 'destroy-sessions');
    
    if ( ! empty( $_POST['action'] ) && in_array( $_POST['action'], $core_actions_post ) )
    	add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 );
    
    /* user-edit.php
    ------------------------ */
    default:
    $profileuser = get_user_to_edit($user_id);
    
    if ( !current_user_can('edit_user', $user_id) )
    	wp_die(__('You do not have permission to edit this user.'));
    
    $sessions = WP_Session_Tokens::get_instance( $profileuser->ID );
    
    include(ABSPATH . 'wp-admin/admin-header.php');
    ?>
    
    <table class="form-table">
    <?php
    if ( IS_PROFILE_PAGE && count( $sessions->get_all() ) === 1 ) : ?>
    	<tr class="user-sessions-wrap hide-if-no-js">
    		<th> </th>
    		<td aria-live="assertive">
    			<div class="destroy-sessions"><button disabled class="button button-secondary"><?php _e( 'Log Out of All Other Sessions' ); ?></button></div>
    			<p class="description">
    				<?php _e( 'You are only logged in at this location.' ); ?>
    			</p>
    		</td>
    	</tr>
    <?php elseif ( IS_PROFILE_PAGE && count( $sessions->get_all() ) > 1 ) : ?>
    	<tr class="user-sessions-wrap hide-if-no-js">
    		<th> </th>
    		<td aria-live="assertive">
    			<div class="destroy-sessions"><button class="button button-secondary" id="destroy-sessions"><?php _e( 'Log Out of All Other Sessions' ); ?></button></div>
    			<p class="description">
    				<?php _e( 'Left your account logged in at a public computer? Lost your phone? This will log you out everywhere except your current browser.' ); ?>
    			</p>
    		</td>
    	</tr>
    <?php elseif ( ! IS_PROFILE_PAGE && $sessions->get_all() ) : ?>
    	<tr class="user-sessions-wrap hide-if-no-js">
    		<th> </th>
    		<td>
    			<p><button class="button button-secondary" id="destroy-sessions"><?php _e( 'Log Out of All Sessions' ); ?></button></p>
    			<p class="description">
    				<?php
    				/* translators: 1: User's display name. */
    				printf( __( 'Log %s out of all sessions' ), $profileuser->display_name );
    				?>
    			</p>
    		</td>
    	</tr>
    <?php endif; ?>
    </table>
  • Sybre Waaijer

    Hi @timstrifler

    I haven't faced this problem in a long time. I think this is because I set the Domain Mapping options to the following values in /wp-admin/network/settings.php?page=domainmapping_options

    Administration mapping =  domain entered by the user
    Login mapping =  original domain <-- this is the big change, was needed for cache clearing to propagate, this might also work for the cookies and stuff.
    Cross-domain autologin = Yes
    Verify domain's DNS settings = No
    Force http/https (Only for original domain) = Yes ( I use SSL)
    Would you like to force http/https in front-end pages: = No (Done through .htaccess)

    Let me know if this helps :slight_smile: Have a great day!

  • RavanH

    @Sybre, setting the Login Mapping to Original domain seems to work (so far only tested one day) except for sites using Polylang with the option "Language is determined by domain" enabled and different domains set for each language. In an ideal world I'd like to see Polylang and Domain Mapping play nice together. It would make for a powerful combo but I realize that adding more complexity at this point is not helping :wink:

    • Sybre Waaijer

      I think the best case scenario would be to ditch the admin-ajax.php file load (which is just being dumped into the header regardless on what to use from it) and make a nice global cookie that is pulled with JS, or rather with some HTML5 magic when possible.

      I'm going to look into this on my own terms when I find the will and time, but don't expect anything special :p

      P.S. for the WPMUdev own theme dev: Add this to your CSS (The use for it on this topic post is a good example :smiley:):
      .job-single .entry-content p, .topic-single .entry-content p { overflow-wrap: break-word; } Thank me later =P

  • RavanH

    @WrSantiago - I tried the suggestion by @Sybre, setting the Login Mapping to Original domain and the issue seems to occur less but has not gone away on our installation. I agree it's a nasty 'bug' (or unfortunate side-effect of who knows what) that is pestering our clients. And having to explain to them, after the frustration of not even being able to see the front end of their own site (redirect to the ugly message everywhere) how they need to do some stuff on their own browser that they might have never even done before... It's embarrassing to say the least :slight_frown:

    In a post earlier on this thread I shared a solution that worked great, until it was overwritten again by the following plugin update:

    Just to let others know: we're using the following code to replace the unhelpful "Incorrect or out of date login key" text with some more info and a working logout link:

    $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
    wp_die( sprintf( __( "Incorrect or out of date login key. Please clear your browser cookies or log out and back in again.", 'domainmap' ), wp_logout_url( $redirect_to ) ) );

    This code is to replace the line

    wp_die( __( "Incorrect or out of date login key", 'domainmap' ) );

    which in the current version can be found on line 378 in domain-mapping/classes/Domainmap/Module/Cdsso.php

    At this moment, I'm modifying that line to the following untested, which should simply eliminate the (rude) "Incorrect or out of date login key" message page all together:

    $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
    wp-redirect( wp_logout_url( $redirect_to ) );

    This (in theory) should force a logout and depending on the original page requested, will simply make the client land on that page or the login form again. This might (slightly) raise an eyebrow or two in surprise but at least the user knows how to log back in and the issue should then have resolved itself. In my opinion a friendlier approach than an unhelpful message that only brings me frustrated clients...

    • Sybre Waaijer

      Hi @RavanH

      That's weird! I haven't had the problem ever since, although I'm not sure if you've set everything like I have.
      I'm also wondering if you're using a caching plugin, I've completely disabled browser caching and have done a lot more on the back-end through Apache. It might just be a sum of solutions that prevents this error from recurring, but we've got to dig deeper!

      If you're still getting the issues, I'd love to hear more about your (WordPress) network settings to which you think that might relate to this issue, both front-and back end.

      Let's splat that bug :smiley: Because quite frankly it's like you say, it will raise an eyebrow when it happens! Fixing the root of the problem is much better than finding ways to log the user out and in again in the most convenient (and thus most difficult) way :slight_smile:

      • RavanH

        It might just be a sum of solutions that prevents this error from recurring, but we've got to dig deeper!

        And likewise it must be a sum of circumstances that make it happen because it seems not everybody is suffering the issue...

        Yes we are using caching. Both DBquery+Object caching (managed by W3TC) in memcached and a content cache by FastCGI Cache on the Nginx server level. Removing these is no long term option for us but I'll try to play with clearing caches etc. as soon as I run into the issue again.

        I also have the impression the new Domain Mapping options to do the SSO async and to put the scripts in the footer might be of influence. Last time I ran into the issue on one of the sub-sites, I went back to the main network settings and changed these two options. Then going back to the page with the login key problem, it suddenly was no problem anymore.

        I must note that all this time, on another network installation with Donncha's Domain Mapping plugin (and otherwise similar plugins) on a similar server setup (Nginx+FastCGI Caching and memcached for object and DB query caching) there are never problems with the SSO on both original and mapped domain. No idea (yet) about the difference in the login process of these two Domain Mapping plugins but it might be worth investigating. I do notice that Donncha's plugin does not offer the possibility to have the login on another domain than the admin... Maybe the login and admin pages simply always need to be on the same domain to prevent this issue?

        • Sybre Waaijer

          Hi RavanH,

          The difference I see within your servers is the Object caching being available or not.

          In my experience, the Object caching from W3TC is bugged - slow admin area + this was one of the first things that I disabled that lead me to an error free experience cross-domain. Better use batcache or none at all (I took the latter).

          The DB Query cache should be done by WordPress itself and your server, please see if you can enable SQL cache within the server and disable that feature within W3TC.

          Let me know if this helps :slight_smile:

  • timstrifler

    Yes I agree with @mindset . I have been experiencing this for quite some time, and it should be fixed by now. It's extremely irritating. WPMUdev does a great job at releasing new plugins and themes and marketing those plugins and themes, but all that is useless if the plugins don't work the way they are supposed to, or fixed when multiple customers complain about the same bug.

    So can someone from WPMUdev please chime in here and let us know what is being done to fix this issue, and when we can expect it to be resolved????

  • Jack Kitterhing

    Hi All,

    I've had a discussion with the lead developer of Domain Mapping about this, he's currently re-working SSO to reduce load times and is also re-working the way cookies are handled, which should stop any and all issues with caching, varnish and any other types of setups.

    It'll need to undergo quite a bit of testing prior to release, but it is being worked and we're aware of the issue, appreciate everyone's patience here.

    Thank you!

    Kind Regards
    Jack.

  • Vinod Dalvi

    Hi Trace,

    Sorry to hear of the problem you are having.

    Ideally its not a good process to post on a thread 8 months old. The plugin has changed since then and so has WordPress :slight_smile:

    To help keep support tickets separate, could you please open a new thread for your new question https://premium.wpmudev.org/forums/#question

    You can also include reference of this thread in your newly created thread if you want to.

    This helps to prevent any confusion (for us) as I'm sure you understand. Also this might help other members looking for a similar answer. :slight_smile:

    We would be more than happy to help you on your new thread :slight_smile:

    Thank you for being a WPMU DEV member and have a fantastic day!

    Cheers,
    Vinod Dalvi

  • Sam

    Hi @Trace

    Sorry for the inconvenience.

    Please visit https://premium.wpmudev.org/contact/

    On the contact form, select "I have a different question", this ensures it comes through and gets assigned to me.

    - Mark to my attention - ATTN: Sam Najian
    - Link back to this thread
    - Include admin/network access
    - Include cPanel (I will need to look at the DB so need PHPMyAdmin or similar)
    - Include FTP
    - Include any relevant URLS for your site

    And please let me know how i can reproduce the issue you're facing.
    With the above i'll take a look and try to have a fix for it in the up coming bug fix release which is already on the way.

    Cheers,
    Sam

  • RavanH

    Just to support Trace's claim here: enven though it's an old threa, the issue has never completely been resolved for us either. Only by switching (back) to https://wordpress.org/plugins/wordpress-mu-domain-mapping/ the issue has gone.

    I noticed there is a 'fundamental' difference in these two plugins: Donncha's domain mapping plugin does not offer the possibility to have the login and admin on different domains and there is no option like "domain entered by the user." Which makes me wonder if the complexity of options provided by WPMUDEV's Domain Mapping has been preventing a solid reproduction and diagnose of the underlying problem...

    I do like the option "domain entered by the user" very much. It both guarantees admin accessibility (in case of domain not beeing renewed or incorrect DNS entries) on the one hand, and in the clients eyes 'normal' WordPress operation where the admin is on the same domain as the front (good for Jetpack's Publisize too!) on the other hand. But then, being prevented from logging in at all is terrible. And in some cases (some settings?) after such a message the client would not even be able to get back to the front end without getting the same message over and over again! Absolutely unacceptable :slight_frown: so we tried with a small adaptation of the message (including a logout link) so the client could at least log out, get to see the front end again and then try again. But after a while we decided to go back to Donncha's Domain Mapping.

    Please note: we're using three levels of caching. An object cache and database cache provided by W3TC, and a static Nginx FastCGI cache. This complicates things even more and might very well be directly related.

    Hope this helps in reproducing and finally fixing it for everybody :slight_smile:

  • RavanH

    Bugger. I ran into this issue again yesterday so this is still not completely resolved.

    Whatever the settings, whatever the caching solutions (server side or plugins) running, original domain admin on HTTPS, using Multi-Domains alongside Domain Mapping or not ... at some point, someone WILL get the "Incorrect or out of date login key" response. And WHEN they do, they're locked out of their site completely!!! Even visiting the front end will result in getting redirected back to this message. And for normal site admins/users there is NO way to get out if this hopeless loop unless they either know they need to clear browser cookies (and how to do that!) or if they have the insight to manually strip the login key from the URL and revisit the login form.

    It looks like it is simply impossible to prevent everyone from EVER landing on that response. It's coded there for a reason after all... So my conclusion: if this cannot be prevented for every case, then the error message MUST be either :

    A. made more meaningful with a simple:

    $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
    wp_die( sprintf( __( "Incorrect or out of date login key. Please clear your browser cookies or <a href='%s'>log out</a> and back in again.", 'domainmap' ), wp_logout_url( $redirect_to ) ) );

    like I proposed way back in 2014 or even better as Sybre proposed with his more elegant version:

    $redirecturl_clean = home_url('/wp-login.php');
    $redirecturl = home_url('/wp-login.php?redirect_to=') . urlencode( $_SERVER['REQUEST_URI'] );
    header( "Refresh:5;url=" . $redirecturl,TRUE,307 );
    wp_die( __( "Your cookies are out of sync. Redirect in 5 seconds, if not click the link below<br /><strong>See this message more often? <a href='https://support.google.com/accounts/answer/32050?hl=en' target='_blank'>Clear your cookies</a>.</strong>", 'domainmap' ) . '<br /><br /><a href="' . $redirecturl . '">' . $redirecturl_clean . '</a>' );

    - OR -

    B. replaced with a forced logout altoghether:

    $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
    wp-redirect( wp_logout_url( $redirect_to ) );

    So please, please, please, PLEASE (Yes I know, I'm shouting here but this realy is a serious dealbreaker problem because I'm loosing clients over this!!!) consider applying such a patch alongside any improvements to the SSO process that are added now or in the future. If not, the whole beautiful tower of features that WPMUDEV Domain Mapping has become, is built on quicksand :slight_frown:

    Thank you kindly for understanding the seriousness of this.

  • jcnjr

    I was just about to start a new topic about this, but others are apparently having the same issue.

    I've tried various suggested fixes above, but we still get the "Incorrect or out of date login key" error when attempting to view a mapped domain/site if logged in to the main site.

    Clearing cookies for both domains did not help. We are not running the Multi-Domains plugin. Three users have reported this issue and I just confirmed it myself. I cannot view the front end nor the dashboard if logged in. When logged out, the site loads fine.

    @Ashok @Vinod Dalvi @aristath I have just granted Support Access at http://tripawds.com Could one of you please review my Domain Mapping Settings to see if I have overlooked something simple? Thank you!

    • mindset

      I have been dealing with this issue for 18 months or so -- I had to stop working on my network because it became impossible to navigate and work -- Fortunately we had not launched yet -- but I need to take the site live -- and I was hoping that they had fixed it --

      This is not good news -- I am a big proponent of wpmudev but this is like the third issue that has brought my development to a standstill or I have had to find a work around -- and though the supports response time for simple issues is excellent - wpmudev does not seem to have the staff to resolve major issues -- I have become very disappointed and my placement of trust and dependency on wpmudev has cost me major delays in my project. I am pretty frustrated with them wpmudev -

  • Predrag Dubajic

    Hi @jcnjr,

    Thanks for posting in this thread, however it might be best if you open your own, even if the issues seem closely related. That way it will remain independent of this one and ensure it doesn't confuse issues here if this thread needs reopening again by the author.

    It also means the member who started this thread or anyone following it isn't inundated with post notifications each time we respond to each other. A lengthy thread could annoy the original poster.
    This also allows us to better track and answer your questions to ensure we don't miss any for you.

    You can start a new thread here and link this thread for reference:
    https://premium.wpmudev.org/forums/#question

    Thank you,
    Predrag

  • Nithin

    Hey ArkonLabs,

    Hope you are doing good today. :slight_smile:

    We would recommended you to create a new ticket to help get your queries answered quickly. Even if the issue seems closely related, replying here won't help neither of us, as this ticket is over a year old. It sounds like a issue that needs specific attention.

    Please follow this link to create a new ticket: https://premium.wpmudev.org/forums/#question

    We would be more than happy to help you on your new thread.

    Have a nice day.

    Cheers,
    Nithin

  • mindset

    I am not sure what submitting a new ticket will do, I have been dealing with this issue for 18 months or so and so have many others. I had to stop working on my network because it became impossible to navigate and work -- Fortunately we had not launched yet -- but I need to take the site live pretty soon and I still have a ton of work to do yet -- and I was hoping that they had fixed it --

    This is not good news -- I am a big proponent of wpmudev but this is like the third issue that has brought my development to a standstill or I have had to find a work around -- and though the supports response time for simple issues is excellent - wpmudev does not seem to have the staff to resolve major issues -- I have become very disappointed and my placement of trust and dependency on wpmudev has cost me major delays in my project. I am pretty frustrated with them wpmudev -

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.