Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-9622

Users are not properly authenticated on subwikis on first page load on domain based multiwiki

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 5.2
    • Fix Version/s: 5.2.1
    • Component/s: Authentication
    • Labels:
    • Difficulty:
      Unknown
    • Documentation:
      N/A
    • Documentation in Release Notes:
      N/A
    • Similar issues:

      Description

      This issue reproduces in quite a particular context. The usecase would be a domain based multiwiki with global users, where users want to login on the main wiki and then be authenticated automatically on the subwikis when they navigate to the subwiki.
      Steps to reproduce:

      1. set farm to domain based in the preferences (in xwiki.cfg as well as in xwiki.properties)
      2. in xwiki.cfg, set xwiki.authentication.cookiedomains to a subdomain of main wiki (for example, if the main wiki is available at main.localhost.localdomain, cookies domain should be localhost.localdomain ) - if it's not a subdomain, bug XWIKI-9624 will kick in and authentication would not work properly.
      3. subwikis should be accessible at subdomains of the same domain as the wiki main wiki (e.g. foo.localhost.localdomain)
      4. go in the main wiki, authenticate with a global user
      5. go to another wiki, you'll find yourself not authenticated
      6. refresh the page, you'll find yourself authenticated.
        Old behaviour (and expected behaviour) was that you would be authenticated on the first load of a page in a subwiki, not on refresh.

        Attachments

          Activity

            People

            • Assignee:
              vmassol Vincent Massol
              Reporter:
              lucaa Anca Luca
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Date of First Response: