Issues with domain mapping and all HTTPS on non-mapped domains

Hello,

I'm trying to get this working and I'm sure there's a way, but I can't figure it out. Here are my goals:
1) My multi-site install is using subdomains for user sites. For example artlauncher.online is the main site, thibaultfineart.artlauncher.online is blog 2, etc.
2) I would like *.artlauncher.online to use HTTPS. I have a wildcard SSL cert and this is working.
3) I would like all admin and login traffic to go over HTTPS (hence use *.artlauncher.online URLs instead of the mapped ones). This was working until I introduced domain mapping to the mix.
4) The front-end pages can use whichever domain was entered to get to them, or redirect to the users' mapped domains...I don't care which.
5) I need to have certain URLs (cart, checkout, etc) use HTTPS.
6) I don't want users to have to buy SSL certificates for their mapped domains.

The way I have it set up right now, when you go to test.thibaultfineart.com and click the Sign In link, it redirects to thibaultfineart.artlauncher.online/wp-login.php. So far so good. Then, when you successfully log in, it redirects back to test.thibaultfineart.com. However, at this point, the "Sign In" link is still there. In my code, it checks is_user_logged_in() and if not it presents that link. Therefore, when it gets redirected back to test.thibaultfineart.com it thinks you're not logged in and shows that link again. If I click Sign In again, it immediately redirects to thibaultfineart.artlauncher.online/wp-admin without prompting for log in. I would like for it to know when redirected back to test.thibaultfineart.com that the user really is logged in. Also, at that point it should show the black admin bar across the top of the window, and it doesn't. I have set cross-domain autologin to yes and unchecked the asynchronous box. I would expect those to do what I want here, but they don't seem to be.
Please advise as to which are the correct settings to make this happen. I'm sure it's not an odd use case, but the documentation for how to do it seems to be sparse.

You can check this out at test.thibaultfineart.com (one of my user mapped domains pointing to a test system).

I have enabled WPMU Dev support access for your convenience. I appreciate your help.

Best,
Dave

  • David Thibault

    Along these same lines, is there a preferred alternative to is_user_logged_in() when using domain mapping? Also, is there a built-in function to find the non-mapped domain for a given blog in multi-site? I'm building my own plugins and I need to either know how you recommend to intelligently call functions to get this info or build my own functions intelligent enough to figure it out. I just tried building my own function to get the non-mapped host name, but it was passing back results that were unexpected, as if the domain mapping plugin was overwriting my function results somehow.

    For example, this code:
    global $wpdb;
    $blog_id = get_current_blog_id();
    al_log("Blog id is $blog_id");
    $siteurl = $wpdb->get_var("select option_value from $wpdb->options where option_name = 'siteurl'");
    al_log('SITEURL: ' . $siteurl);
    ?>
    <script type="text/javascript" src="<?php echo $siteurl;?>/marketing/form/generate.js?id=1"></script>

    results in this in my logs:
    [10-Jun-2016 20:17:07 UTC] Blog id is 2
    [10-Jun-2016 20:17:07 UTC] SITEURL: https://thibaultfineart.artlauncher.online

    but this outputs to the front page:
    <script type="text/javascript" src="http://test.thibaultfineart.com/marketing/form/generate.js?id=1"></script>

    See how it thinks it's returning https://thibaultfineart.artlauncher.online but somehow something is overwriting it before it's output? There's no cache plugin enabled right now, either.

  • Sajid

    Hi David Thibault,
    Hope you are doing good today :slight_smile:

    3) I would like all admin and login traffic to go over HTTPS (hence use *.artlauncher.online URLs instead of the mapped ones). This was working until I introduced domain mapping to the mix.

    To use original domains with HTTPS on administration and login - go to Network Admin -> Settings -> Domain Mapping -> Mapping Options and select "original domain" for Administration mapping and Login mapping.

    Alternatively, is there a way to make Marketpress use sessions instead of cookies for storing the cart info? That might be a way around the cross-domain cookie issues.

    I don't think its possible out of the box. However, I contacted the developer to get his invaluable feedback on this matter.

    You have asked lots of questions that really make the support process slow and inefficient. Please start separate threads for all other questions to get faster response and according to our forum posting rules. This will also help us manage each issue in its own ticket and help other members in future find an answer looking for same solution.

    Hope that helps! Feel free to post a reply if you need further assistance :slight_smile:

    Best Regards,
    Sajid

    P.S: I tried login with support staff access but could not access your site. I kept getting 0 on the screen. Please revoke the support access and grant again.

  • David Thibault

    To simplify the many questions, upon further research while awaiting your response, I began thinking all of these issues are because of cross domain cookies. That would explain the marketpress cart issues as well as the admin header bar not showing up, I think.

    I think in situations like this the fix will be to use sessions (either in db or preferably in memcached or something) to get around the issue.

    Best,
    Dave

  • David Thibault

    Also, I took down that test instance because I was paying for it by the hour on AWS and only leaving it up for you to look at. Let me know if you need it up again, but at this point I don't think the devs need it to answer whether they have a solution for cross-domain cookies that will enable domain mapping to work properly with MarketPress and SSL on the original, non-mapped subdomains.

  • Sajid

    Hi David Thibault,
    Hope you are doing good today :slight_smile:

    I am sorry but using cookies on cross domains is something that is not possible out of the box either using Domain Mapping with MarketPress. Its not a limitation of our plugins but browser security that is why browsers don't accept cross domains cookies.

    However, there are some workarounds mentioned in this stackoverflow thread (that you might already come across) that can be used to achieve this.

    I have asked Developer to use sessions instead of cookies but still waiting for his response. But I personally think it would be like creating a new shopping cart from scratch (that is definitely beyond the level of support of this forum). But we can still wait for developers response on it.

    Hope that helps! Feel free to post a reply if you need further assistance :slight_smile:

    Best Regards,
    Sajid

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.