Skip to:
Content
Pages
Categories
Search
Top
Bottom

Several Buddypress sites one login?

Viewing 13 replies - 1 through 13 (of 13 total)

  • Andrea Rennick
    Participant

    @andrea_r

    All in one WP install? In 3.0?

    Pretty much default behaviour.

    No I was planning on setting all up with 4 diff. installs. They will have diff. domain names just want them to be able to use one login.

    If they share the same DB then simple as setting up custom_user_table & custom_user_meta_table


    Kye
    Participant

    @gmax21

    I don’t understand Keiter, why not use WPMU and then have the domain mapper plugin?

    You could set up four sites with it and have each site with its own domain?

    WPMU Dev have a premium plugin or you could Donncha’s free one.

    @ Andrea_r

    Thanks for the 3.0 mention wasn’t aware they were merging the two, been away for a couple of years. Amazing stuff!

    Good to see your still around! :-)


    Jeff Sayre
    Participant

    @jeffsayre

    I assume that you will have mutliple domains, each with their own BuddyPress install. If that is the case, there is no easy solution available. What you are asking for is a single-sign on (SSO) solution between multiple domains that each have their own BP instance. This is beyond the scope of a single WPMU install with a domain mapper. This is not an easy thing to do by yourself and I’m afraid it will not be possible at this time without some heavy custom coding on your part.

    SSO is a hot topic with several technologies and standards trying to work their way into acceptance and use. The best-known of these is currently OpenID.

    There is a WordPress plugin that allows you to integrate OpenID sign ons within a WordPress site, but it is out of date. With both Chris Messina and Will Norris having recently been hired by Google, I’m not sure if this plugin will be updated any time soon. I suggest contacting the Diso Project and inquire about the status of their WordPress efforts.

    Also, there is talk of implementing the Open Stack in a future version of BuddyPress. But this will not be anytime soon.

    Another possibility, which in my opinion is the best solution for facilitating federated identity management across the Web, is FOAF+SSL as a WebID. But that solution is even further off at this stage as it requires individuals to implement their own WebID. OpenID is a 3rd-party identity provider whereas a properly-implemented WebID is a 1st-party solution that each individual owns and controls.

    WebID is a 1st-party solution that each individual owns and controls.

    Or even something like Lasso http://lasso.entrouvert.org/documentation/writing-a-php-sp.html


    Kye
    Participant

    @gmax21

    @ Jeff

    Couldn’t Buddypress be used with the domain mapper plugin to have it enable for each domain? Or the multi-domain plugin for offering blogs on different domains from one install?


    Andrea Rennick
    Participant

    @andrea_r

    If you did that, you’d have exactly the same BP on every single site – no separation of users.


    peterverkooijen
    Participant

    @peterverkooijen

    I would need this as well at some point

    Say you have a network of four sites. When a user tries to log in one of the sites (‘New Community’) with a username and password from one of the other three sites, he gets this:

    ERROR: Invalid username. Lost your password?

    Would it be very complicated to write a plugin that checks if the entered username exists in the other three databases? And then verify the user’s password by checking in that same database? And then enter that user’s data, including username + pass, into the ‘New Community’ database?

    Could it copy some functions/code from the new Facebook Login plugin?


    Jeff Sayre
    Participant

    @jeffsayre

    @Peterverkooijen

    Would it be very complicated to write a plugin that checks if the entered username exists in the other three databases? And then verify the user’s password by checking in that same database? And then enter that user’s data, including username + pass, into the ‘New Community’ database?

    This could be done but the issue would be security as you are grabbing data across domains. I am not a big fan of pushing and pulling your members’ most important data across domains–that data being usernames and passwords. It exposes your site in a potentially dangerous way. Implementing security measures would be essential.

    The best option is to allow your users two choices in accessing your suite of sites:

    1. A separate account for each site–which means you do not need to do anything different

    2. A single sign on (SSO) solution, be it OpenID, FOAF+SSL, or even the Facebook Connnect Plugin

    The Web is slowly moving toward SSO as a standard option for users. In my opinion, this is the way to go.


    Kye
    Participant

    @gmax21

    @ Andrea_r

    Yeah I realise that now after having a play with it

    I inadvertently asked a similar yet different question in another thread, perhaps it could be considered a half way for this also. It involves using the domain map plugin and then adding the following to the wp-config.php:

    Allow BuddyPress to function on multiple blogs of a WPMU installation, not just on one root blog:

    define ( ‘BP_ENABLE_MULTIBLOG’, true );

    It wouldn’t give each site its own buddypress, but it would let you share the one install.

    I’ve not actually tested all this but it seems logical.

    I know there also use to be a plugin that allowed you to be an oid provider, the WP directory shows its last update as 2007 though so not sure how viable an option that would be.

    https://wordpress.org/extend/plugins/mu-open-id/


    peterverkooijen
    Participant

    @peterverkooijen

    This could be done but the issue would be security as you are grabbing data across domains.

    I figured that would be an issue and it is important. In my case the sites are all on the same hosting account, so only the database connections would be slightly different. Everything happens on the server. I don’t think any user data would have to be pushed or pulled across http. And in any security issue you have to weigh security against convenience to the user; my sites are not banking sites.

    A third party single sign-on solution is not the same as offering single sign-on within your own network of sites. I do use the Facebook Login on my sites and think it’s pretty cool, but personally I’m not a fan of Facebook and it’s not going to be The Standard forever. Should I add Twitter Login? LinkedIn login? OpenID seems to be going nowhere. There will never be one web standard that you can implement and be done with it.

    @gmax21, the multiblog approach could work if you start from scratch, but it sounds like you’d run into all kinds of other thorny issues if you add different projects over time and later decide you want to give users access to those other projects. It sounds complicated and unwieldy to do everything in one installation.

    I have long thought that the breaking down of silos such as Facebook and Twitter to a more distrubuted system would make sense although they do form an easy entry and an openly(?) available area that can be used for public messaging.

    My solution is to have an intermediary that can be configured to allow messages to be passed through to other systems according to a security setting that can be applied at admin or user level as required. Additionaly I thought that a similar configuration could be used for discovery of users – e.g. you could set yourself up as only available on your server, someone else might want to be available to a group and yet someone else would be publicly available.

    In such a setup your users would only need to sign on once – to the server that they belong and would then be able to see any other user that is a trusted server in the group. In your case the security issues would be minor as you are on the same host although I can see that there may be a need to encrypt transmissions if it were open net traffic.

    I am working on this now although don’t have anything to show you yet – will be more than happy to do so when there is a version for testing if you want

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘Several Buddypress sites one login?’ is closed to new replies.
Skip to toolbar