XenSSO - XenForo Single Sign On [Paid] [Deleted]

Status
Not open for further replies.

Naatan

Well-known member
Naatan submitted a new resource:

XenSSO - XenForo Single Sign On (version 1.0.2) - Automatically synchronizes a users authentication state across all your forums.

XenSSO at it's core allows your users to sign up once, then sign in across all your sites with that one login. It uses OpenID under the hood and some custom tailoring for some additional features not covered by OpenID.

Features
  • Single Sign On, of course
  • Automatic authentication when you visit a sister site
  • Username / Email validation checks your SSO database
  • Synchronisation Tool
  • Works entirely in the background (ie. doesn't require a manual to use).
...

Read more about this resource...
 
Naatan,

Ran into a few issues

1) When I tried to log into slave with an account from master server, I got this in the server error log on slave
ErrorException: Call-time pass-by-reference has been deprecated - library/XenSSO/Slave/OpenID/Consumer.php:145
Generated By: Unknown Account, 14 minutes ago

2) I logged in the slave site with an account from master. It logs me in fine but when I go to the master forum, it does not automatically log me in with this account. I'm not logged in at the master site.

My setup may be a bit non standard
Master forum is https://www.domain.com/forum/
Slave forum is http://cn.domain.com/forum/

I install XF on the root of cn.domain and have Xenporta
 
Ran into another issue

My slave forum is a freshly installed, stock XF forum with only one admin account.
The master forum has 15K members, upgraded from VB where many of the members do not require to have their DOB.

So when such a member tried to log in to the slave forum with their master forum account, it will error out because it does not meet the DOB requirement from the stock slave forum. I imagine this will be an issue if we have a large network where the requirement do not match up.

error_msg.webp
 
Naatan,

Ran into a few issues

1) When I tried to log into slave with an account from master server, I got this in the server error log on slave
ErrorException: Call-time pass-by-reference has been deprecated - library/XenSSO/Slave/OpenID/Consumer.php:145
Generated By: Unknown Account, 14 minutes ago

2) I logged in the slave site with an account from master. It logs me in fine but when I go to the master forum, it does not automatically log me in with this account. I'm not logged in at the master site.

My setup may be is a bit traditional
Master forum is https://www.domain.com/forum/
Slave forum is http://cn.domain.com/forum/

I install XF on the root of cn.domain and have Xenporta

Ran into another issue

My slave forum is a freshly installed, stock XF forum with only one admin account.
The master forum has 15K members, upgraded from VB where many of the members do not require to have their DOB.

So when such a member tried to log in to the slave forum with their master forum account, it will error out because it does not meet the DOB requirement from the stock slave forum. I imagine this will be an issue if we have a large network where the requirement do not match up.

View attachment 28177

I will look into issue 1. Issue 2 can be due to lots of reasons, but most likely it's cause you already had a session open with your master server. The addon does not attempt any auto logins if you had already visited the site that browsing session. This is to prevent the addon logging you back in again once you have logged out.

As for the issue regarding DOB, this is also by design. I strongly recommend either having the same DOB requirement across all your sites or making sure your master install has the lowest DOB requirement of all. I could add an option to ignore the DOB when syncing but this quite frankly would defeat the purpose of the DOB requirement.

May I ask that you report any further bugs on the support site? That is after all what it's made for ;)
 
Really awesome add-on, will keep an eye on the development and hopefully add it to my network when it's up :)
 
Since it uses OpenID, could other software which uses it work alongside?

In theory yes. Provided you whitelist the domain and you send the right data you could already use XenSSO as an OpenID provider, but I do not support it in that way. I am working on a separate OpenID addon which will be focussed entirely on making your XenForo installation serve as an OpenID provider. Likewise I'm also working on an OpenID consumer addon.
 
In theory yes. Provided you whitelist the domain and you send the right data you could already use XenSSO as an OpenID provider, but I do not support it in that way. I am working on a separate OpenID addon which will be focussed entirely on making your XenForo installation serve as an OpenID provider. Likewise I'm also working on an OpenID consumer addon.
Cool, I'll wait for that. What I'm looking for is a way to have SSO between xF and say, a Drupal installation which uses the OpenID module.

Thanks.
 
Does this use all auth's of OpenID like yahoo, paypal etc.. Will this allow only one facebook connect to all installs and just to be sure I'm understanding what this does correctly. this will work on multi xF installs across several domains even hosted on different servers? Lastly, does this use ionCube? I have had some bad exp with ionCube modules for WHMCS with authors servers being offline for weeks, resulting in the module unusable, so that's why I ask.


Also, any chance to allow them to choose a different username based on the site, but only one login still via OpenID.. Like say you have one site about Minecraft and another site about Honda cars.. Some members would like the ease of one login across both sites but don't want to be "Miner Joe" on a Honda site or "Accord Jenny" on a Minecraft site.
 
Does this use all auth's of OpenID like yahoo, paypal etc.. Will this allow only one facebook connect to all installs and just to be sure I'm understanding what this does correctly. this will work on multi xF installs across several domains even hosted on different servers? Lastly, does this use ionCube? I have had some bad exp with ionCube modules for WHMCS with authors servers being offline for weeks, resulting in the module unusable, so that's why I ask.


Also, any chance to allow them to choose a different username based on the site, but only one login still via OpenID.. Like say you have one site about Minecraft and another site about Honda cars.. Some members would like the ease of one login across both sites but don't want to be "Miner Joe" on a Honda site or "Accord Jenny" on a Minecraft site.

The addon is powered by OpenID, it does not provide any OpenID functionality for you to use with external services. As said earlier in this discussion though, I am working on an OpenID addon that will provide this functionality.

Users can either sign in by email or username, so their usernames do not have to match, just their email. The addon does not include a way for users to change their username though, so for that you would have to use another addon.
 
I wasn't asking about external services, sorry if I was unclear. I as asking if it uses all OpenID auths or just a select few. There is a mod like this for social engine but it only uses top 10, not all.. So it doesn't offer auth via lastfm linkin etc. So was seeing if this included all. Also my questions about ionCube and if it would work on forums located on different servers were not answered. Sorry, just really want to make sure this will work for me before investing in this and 2 more xF lisc's. Any links you could list too as a working demo?
 
I wasn't asking about external services, sorry if I was unclear. I as asking if it uses all OpenID auths or just a select few. There is a mod like this for social engine but it only uses top 10, not all.. So it doesn't offer auth via lastfm linkin etc. So was seeing if this included all. Also my questions about ionCube and if it would work on forums located on different servers were not answered. Sorry, just really want to make sure this will work for me before investing in this and 2 more xF lisc's. Any links you could list too as a working demo?

Seems I was unclear in turn :) XenSSO is powered by the OpenID standard, it does not offer OpenID functionality outside of it's intended use, which is to connect multiple XenForo sites together. It does not offer authentication with third party sites that are also using OpenID. I am developing an addon for this purpose which will not be part of XenSSO.

It does not matter where your forums are located, it works cross domain, cross server, hell it works cross continent if you want it to (though that would be a bit slow). I have not tested it with ionCube but I see no reason why it wouldn't work, if it wouldn't that would be a pretty big shortcoming of ionCube as it's pretty standard php.

As for sample sites, I'd recommend checking the profiles of the people reviewing this addon as they are probably using it. I know for a fact Anthony Parsons has it running on his sites.
 
Oh I see, I was under the impression it used the OpenID auth, where I could connect to all the forums using it in the network using my Yahoo account to create my single forum account across the network of forums. So, the mod uses OpenID standard and theory, but not true OpenID auth SDK. I will contact Anthony Parsons to ask him for some URLs.. Thanks for the fast answers. I will most likely be buying this soon.
 
is the name "Single Sign On" a bit of a misnomer ?
SSO usually refers to integrating more than one part of a site into a Single Sign on.
A bridge between XF and WP is a good example.

Isn't this really Xenforo Multi-Site ?
 
Can anyone using this please either post their sites here or PM me the links as I'd like to see it in action before purchasing. I contacted Anthony Parsons as Naatan suggested, but he decliend to give me his URL to give it a try out.
 
I'm only testing it locally for now, so unfortunately, I cannot showcase anything just yet. IT might be a few weeks before I have stuff publically accessible.​
 
Can anyone using this please either post their sites here or PM me the links as I'd like to see it in action before purchasing. I contacted Anthony Parsons as Naatan suggested, but he decliend to give me his URL to give it a try out.
Yes, sorry... though unfortunately my network is not a test site for SSO, it is a live environment.

I have a locked development environment that is used exclusively for testing this product, however; I do have a few unused XF licenses, so... I will register a couple of domains and create a specific public test environment for this add-on, as I will certainly be open to helping Nathan future test each addition, thus the site can be used to achieve this with, as well as work as an open site for those wanting to buy the product to test registration upon to see what happens.

I will setup one as a master, a slave using a local https certificate (so you will get a security error) to demonstrate any site in the network can be https and a sub-domain slave as well, allowing people to see what happens when you register upon a slave or master, then login to a different slave.

I will post all this at Nathan's support site in the next 24hrs +/-.
 
In theory yes. Provided you whitelist the domain and you send the right data you could already use XenSSO as an OpenID provider, but I do not support it in that way. I am working on a separate OpenID addon which will be focussed entirely on making your XenForo installation serve as an OpenID provider. Likewise I'm also working on an OpenID consumer addon.
That really sounds great, can you tell when you are able to release this addon? I do not want an exact date, but are you talking about days, weeks or months?!
 
Status
Not open for further replies.
Top Bottom