Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Works on Local host not on production box

edited November 2011 in Vanilla 2.0 - 2.8
Could someone help me troubleshoot this.

I have the newest version of proxyconnect, and it still doesn't work. On my localhost things work fine. My settings keep the cookie domain blank. On production I have tried setting the cookie to .domainname.com, domainname.com, to blank, to everything I can think of, but it still doesn't work. '

Kind of at my wits end here. I got it set-up in five minutes on test, I am going on 24 hours trying to get it working remotely.

Best Answers

  • TimTim Operations Vanilla Staff
    Answer ✓
    Matt,

    auth.php is still not right. As per the documentation, Important: If the request does not match up with a "signed in" user, your Authenticate URL page should remain completely blank. Something more like:
    <?php
    session_start();

    // If no valid session, page remains blank
    if (!isset($_SESSION['id']) || empty($_SESSION['id'])) exit;

    // else provided credentials
    echo "UniqueID=". $_SESSION['id']. "\n" ;
    echo "Name=". $_SESSION['firstname']." ".$_SESSION['lastname']."\n";
    echo "Email=". $_SESSION['email'];

    ?>
    ProxyConnect works by cookie sharing. The reason you set your cookie domain to something as generic as ".domain.com" is because this makes the browser send those cookies along even when accessing a subdomain. So when you access your forum, you're also sending the cookies for your remote application. ProxyConnect forwards those cookies along when it makes its behind-the-scenes call to your app. This is how your app gains the user's context.

    Can you give me access to your site so I can have a look at what's really going on?

    Vanilla Forums COO [GitHub, Twitter, About.me]

  • Ok I fixed this, the problem was not the Auth file or the domain. I was using embed, and the embed code was linking to www.mydomain.com/forums/ instead of /forums/ so when I was logged into mydomain.com it was getting confused. The plugin should work accross sub domains, but it isn't for some reason, but with a relative url it seems to work.

Answers

  • edited November 2011
    So when I test my proxy connect settings, through the new test UI. it is giving me this:
    UniqueID=
    Name=
    Email=

    but when I go to auth.php the fields are not blank it is giving me the correct values.

    So what I am doing wrong.

    Here is my code

    <?php
    session_start();
    if(!$_SESSION['loggedIn']) // If the user IS NOT logged in, forward them back to the login page
    {
    header("location:signIn.html");
    }

    echo "UniqueID=". $_SESSION['id']. "\n" ;
    echo "Name=". $_SESSION['firstname']." ".$_SESSION['lastname']."\n";
    echo "Email=". $_SESSION['email'];

    ?>
  • TimTim Operations Vanilla Staff
    So firstly, your auth.php is not behaving according to spec. I don't know why people always do this but you should not be redirecting if the user is not logged in. Read this: http://vanillaforums.org/page/singlesignon - one of the highlighted notes in the "How do we do it?" section specifically says that.

    Vanilla Forums COO [GitHub, Twitter, About.me]

  • TimTim Operations Vanilla Staff
    Secondly, your cookie domain for your REMOTE APPLICATION (the one with auth.php) should be .domain.com - there are no different settings to try, thats the one you should be using, period.

    For your vanilla install, the cookie domain should either also be .domain.com, or some subdomain thereof. That part doesn't matter as much. What is most important is that your remote app and vanilla should both share a common TLD.

    Vanilla Forums COO [GitHub, Twitter, About.me]

  • edited November 2011
    Tim,

    thanks for your help.

    I changed the code to:
    <?php	
    session_start();
    
    echo "UniqueID=". $_SESSION['id']. "\n" ;
    echo "Name=". $_SESSION['firstname']." ".$_SESSION['lastname']."\n";
    echo "Email=". $_SESSION['email'];
    
    ?>
    Still getting the same error. I have the domain set as the default to. I was concerned before my host was setting it to something non-obvious and it was actually, 3432.sharedhost.com instead of my domain name. But I don't think that is the case now.

    I think when I request this code, it has me logged in, but when proxyconnect makes the request it isn't me, so how do I give it the correct context?

    FYI:The br's in my code are being added by the forum software
  • TimTim Operations Vanilla Staff
    Answer ✓
    Matt,

    auth.php is still not right. As per the documentation, Important: If the request does not match up with a "signed in" user, your Authenticate URL page should remain completely blank. Something more like:
    <?php
    session_start();

    // If no valid session, page remains blank
    if (!isset($_SESSION['id']) || empty($_SESSION['id'])) exit;

    // else provided credentials
    echo "UniqueID=". $_SESSION['id']. "\n" ;
    echo "Name=". $_SESSION['firstname']." ".$_SESSION['lastname']."\n";
    echo "Email=". $_SESSION['email'];

    ?>
    ProxyConnect works by cookie sharing. The reason you set your cookie domain to something as generic as ".domain.com" is because this makes the browser send those cookies along even when accessing a subdomain. So when you access your forum, you're also sending the cookies for your remote application. ProxyConnect forwards those cookies along when it makes its behind-the-scenes call to your app. This is how your app gains the user's context.

    Can you give me access to your site so I can have a look at what's really going on?

    Vanilla Forums COO [GitHub, Twitter, About.me]

  • Ok I fixed this, the problem was not the Auth file or the domain. I was using embed, and the embed code was linking to www.mydomain.com/forums/ instead of /forums/ so when I was logged into mydomain.com it was getting confused. The plugin should work accross sub domains, but it isn't for some reason, but with a relative url it seems to work.

Sign In or Register to comment.