XenSSO - XenForo Single Sign On [Paid] [Deleted]

[RobinHood]

Does this work with username changes on slave sites? i.e. If you try to change a users name on a slave site will it check with the master database to check it's available, sync the changes and then make the original username available to register on one of the other linked sites?

 

[Deleted member 10469]

What do you mean Zephyr ?

1 login = 5 authentication of a sudden.
So that the user does not have to reconnect between sites

By cons, it is possible to synchronize like this:

Master (user => change avatar) => Slave (Avatar changed).
Slave (user => change avatar) => Master (Avatar changed).

Master / Slave == Slave / Master

It would be easier for the user

 

[Naatan]

Does this work with username changes on slave sites? i.e. If you try to change a users name on a slave site will it check with the master database to check it's available, sync the changes and then make the original username available to register on one of the other linked sites?

No it does not. Version 2 might feature something along those lines, but the current version only takes care of authentication, nothing else.

1 login = 5 authentication of a sudden.
So that the user does not have to reconnect between sites

By cons, it is possible to synchronize like this:

Master (user => change avatar) => Slave (Avatar changed).
Slave (user => change avatar) => Master (Avatar changed).

Master / Slave == Slave / Master

It would be easier for the user

This addon only features single sign on, it does not sync any profile fields.

I'm not following the first part of your message ("1 login = 5 authentication of a sudden"), if you could rephrase that I would appreciate it.

 

[Deleted member 10469]

I'm not following the first part of your message ("1 login = 5 authentication of a sudden"), if you could rephrase that I would appreciate it.

It should be nice to could connect on 5 websites in one time by connecting one time on one of them.

 

[Naatan]

It should be nice to could connect on 5 websites in one time by connecting one time on one of them.

This is the main purpose of the addon; you log in once and you will be logged in on all sites that you have configured. Not sure if I'm miss-understanding you or if you are miss-understanding the addon.

 

[Deleted member 10469]

But when I connect here: http://www.xensso.com
I'm not online here: http://www.xenssoslave.com

After I may be misunderstood, I am French and I sometimes have trouble understanding English

 

[Naatan]

But when I connect here: http://www.xensso.com
I'm not online here: http://www.xenssoslave.com

After I may be misunderstood, I am French and I sometimes have trouble understanding English

It only performs the auto login once per session, this is a compromise I had to make as otherwise it would log the user in again each time they logout. I will improve upon this in the future but atm it's only a minor inconvenience. People can still login manually on all your sites and it only affects those that actually logout during a session and then for whatever reason expect to be logged in again automatically.

 

[Deleted member 10469]

Ok thank you for the answers, I will buy the addon when I could, the price is fixed for the coming months?

 

[Renegader]

So to clear this up, if an user is logged in to the master forum and they visit the slave forum, will they automatically be logged in to the slave forum or do they have to login with their user/pass on the master forum? Also, for example, if an active user with 500 or so posts + a signature and avatar logs into the slave forum, only their name would be kept, right? All other things would be default? And one more thing, if user a registers on the slave forum do they have their username reserved on the master forum? And what if the username is unavailable on the master but is available on the slave?

 

[Naatan]

Ok thank you for the answers, I will buy the addon when I could, the price is fixed for the coming months?

I have no immediate plans to change it.

So to clear this up, if an user is logged in to the master forum and they visit the slave forum, will they automatically be logged in to the slave forum or do they have to login with their user/pass on the master forum? Also, for example, if an active user with 500 or so posts + a signature and avatar logs into the slave forum, only their name would be kept, right? All other things would be default? And one more thing, if user a registers on the slave forum do they have their username reserved on the master forum? And what if the username is unavailable on the master but is available on the slave?

Yes, yes and yes. The only exception to the username "reservation" is if your master/slaves already have conflicts when you first install the addon. If this is the case you'll need to resolve these cases manually (the sync tool gives you a report), but these users can still use SSO by using their email address instead of their username to login.

 

[Renegader]

I have no immediate plans to change it.



Yes, yes and yes. The only exception to the username "reservation" is if your master/slaves already have conflicts when you first install the addon. If this is the case you'll need to resolve these cases manually (the sync tool gives you a report), but these users can still use SSO by using their email address instead of their username to login.

Thanks

 

[cmeinck]

Just a few questions:

1. Does this work with forums that are on different servers?
2. Does it work with Social Network Authentication plugin? Is anyone using these two and can you elaborate on how it works.
3. Any ETA on 2.0 or further development?

 

[Naatan]

Just a few questions:

1. Does this work with forums that are on different servers?
2. Does it work with Social Network Authentication plugin? Is anyone using these two and can you elaborate on how it works.
3. Any ETA on 2.0 or further development?

Yes it works across servers or domains.

I don't know if it works with the "Social Network Authentication" addon, I have not tested it. Theoretically there should be no problem apart from that people using eg. Twitter to sign on won't be using any of XenSSO's functionality, which would be redundant anyway as they are already using Twitter SSO.

No ETA on 2.0, I'm very busy at the moment and I don't want to make any promises I can't keep.

 

[cmeinck]

Yes it works across servers or domains.

I don't know if it works with the "Social Network Authentication" addon, I have not tested it. Theoretically there should be no problem apart from that people using eg. Twitter to sign on won't be using any of XenSSO's functionality, which would be redundant anyway as they are already using Twitter SSO.

No ETA on 2.0, I'm very busy at the moment and I don't want to make any promises I can't keep.

When the initial sync is completed, do users automatically have access to all of the forums using SSO? My thinking is to implement and then do a mailing informing members.

I assume the time associated with the initial sync would be determined by the dupes? I have 5 or so forums that would included, all of which have roughly 100k+ members.

 

[Naatan]

When the initial sync is completed, do users automatically have access to all of the forums using SSO? My thinking is to implement and then do a mailing informing members.

I assume the time associated with the initial sync would be determined by the dupes? I have 5 or so forums that would included, all of which have roughly 100k+ members.

Yes all users will have automatic access to all your connected sites, provided their accounts synced to the master.

Dupes don't make the sync run any slower, it might even make it faster if there are many dupes.. but let's hope that won't be the case.

 

[cmeinck]

In the process of my first sync, where there are over 100k on the master and slave. There is a good amount of users who have signed up previously for master and slave. My understanding is that if XenSSO matches username/email, then I'm good. My concern is that I've got well over a thousand (and counting) users who have come up as failed due to "username is already in use". There are a number of possibilities here:

1. They could be the same user, but chose to use a different email address on slave vs master.
2. They are different users, but share the same username.

When the sync process ends, I'm not sure as to the recommended next steps to resolve these users that have failed synchronization.

 

[CTXMedia]

I manually checked each one in both the master and slave and did a "manual" merge for those that were obviously the same person, then adjusted the username of those that weren't.

 

[Naatan]

In the process of my first sync, where there are over 100k on the master and slave. There is a good amount of users who have signed up previously for master and slave. My understanding is that if XenSSO matches username/email, then I'm good. My concern is that I've got well over a thousand (and counting) users who have come up as failed due to "username is already in use". There are a number of possibilities here:

1. They could be the same user, but chose to use a different email address on slave vs master.
2. They are different users, but share the same username.

When the sync process ends, I'm not sure as to the recommended next steps to resolve these users that have failed synchronization.

The addon does not provide any conflict resolving tools, it just notifies you of conflicts. How you address them is up to you.

Note that the addon will work just fine regardless, users with conflicts simply won't be able to utilize it's features. What you could do is simply send out an email to your members notifying them of the new functionality and asking them to ensure that their e-mail address matches across sites.

 

[cmeinck]

The addon does not provide any conflict resolving tools, it just notifies you of conflicts. How you address them is up to you.

Note that the addon will work just fine regardless, users with conflicts simply won't be able to utilize it's features. What you could do is simply send out an email to your members notifying them of the new functionality and asking them to ensure that their e-mail address matches across sites.

Is there a log outside of the popup, because for over 4000 users that failed sync, I was unable to copy those who have the same username. The window that displays the usernames was too large. Is there any harm in re-running the synchronization process, so I can attempt to capture those names.

Let's say at the end of my sync process I have the following:

User A with same username on slave A as master, but different email. They don't receive the benefits until their email addresses match? Does anything happen to the slave account that would prevent their being able to login? In other words, does the master somehow dictate a change to slave on login ability?

What would be the best way to resolve this scenario? Editing the email address on the slave to match the master? Does it require resyncing or will making the change suffice.

Slave A shares most of the same data as Slave B. I have yet to sync Slave B with the Master. I'm guessing my results will be rather similar, since it's syncing with the Master and not Slave A?

Finally, the Master now shows an additional 100,000 members. Will resyncing Slave A adversely affect the number, thus inflating by an additional 100,000 or will it correctly know that the members have already been synced? A similar question. When I sync Slave B which shares a lot of the data from Slave A, I would suspect it won't add a full 100k to the member list, but just a small subsection at the point where I had stopped syncing Slave A, Slave B back during my vBulletin days?

Sorry for all the questions.

 

[Naatan]

Is there a log outside of the popup, because for over 4000 users that failed sync, I was unable to copy those who have the same username. The window that displays the usernames was too large. Is there any harm in re-running the synchronization process, so I can attempt to capture those names.

No there is no log outside the popup, I plan to add XenForo-CLI integration but we first need to get XenForo-CLI stable.

There is no harm in re-running the sync process.

User A with same username on slave A as master, but different email. They don't receive the benefits until their email addresses match? Does anything happen to the slave account that would prevent their being able to login? In other words, does the master somehow dictate a change to slave on login ability?

Correct, their email would have to match for them to get the benefits of the addon. They do not loose any of their current abilities. XenSSO only comes into play when the default login fails.

What would be the best way to resolve this scenario? Editing the email address on the slave to match the master? Does it require resyncing or will making the change suffice.

Personally I would recommend simply mailing your users to tell them about the new functionality and recommend they change their e-mail address if it does not match across sites. But they would need to have an account on the master in order for the change to be picked up. You could tell them that the change may take up to 24 to 48 hours to propagate and simply re-run the sync job every other day for a while. After a few weeks most people that care about the functionality will have adopted it and the small amount who might find out much later could simply contact you manually.

I do plan to address this better in the future but at this time I've found that only a small percentage of users is really inconvenienced by it and it does not affects new users. Of course when you have a very large community this small percentage might still be significant, which is why I intend to address it.

Slave A shares most of the same data as Slave B. I have yet to sync Slave B with the Master. I'm guessing my results will be rather similar, since it's syncing with the Master and not Slave A?

I'd say that really depends on the size of the community and how likely it is that your members have already registered across your sites. It's likely that a lot of your conflicts on Slave B will be the same that also occurred on Slave A, which means they are not really "new" conflicts and probably boil down to be the same users that have to take action if they want to utilize the SSO functionality.

Finally, the Master now shows an additional 100,000 members. Will resyncing Slave A adversely affect the number, thus inflating by an additional 100,000 or will it correctly know that the members have already been synced? A similar question. When I sync Slave B which shares a lot of the data from Slave A, I would suspect it won't add a full 100k to the member list, but just a small subsection at the point where I had stopped syncing Slave A, Slave B back during my vBulletin days?

Sorry for all the questions.

Re-syncing will simply skip members that have already been synced, so no worries there. Basically if either the username or e-mail matches then no sync will occur as the user already exists on the master.

No need to apologize Ones bound to have questions with a community of that size.