I have two instances of Drupal on same server instance 1 and instance 2 with different databases. I want to do following functionality so I will go ahead for my work.
Unique login for both instances. When I login to instance 1 then if I open url of instance 2 on same browser then it should not ask for me login.
While any add/update operation perform on instance 1 or instance 2 then user table should be updated in both databases.
Please let me know so I will go ahead.
Thanks in advance.
If there you I would utilize Drupal`s openid (oAuth) technologies. That could be done with some minor coding or even a couple of modules.
That would allow you to create linked accounts but different profiles for each site. You would have a setup like it is here at stackexchange network and some additional functionality.
EDIT: There is a module called OpenID URL.It will give your users ability to use their profile pages as OpenID URLs. You could do it with a just a tad of coding.
Then you could simply copy "Loin with OpenID" URL form your other site and name it "Create joined account..." or something like that.
You could use oAuth technology if you want more advanced connections.
There is also a possibility to create a multisite website.
I have not tried this module yet, but it sounds promising, to solving your first part of the problem: project bakery.
Bakery provides a "single sign on" feature for Drupal based sites that
are on the same second-level domain (i.e. example.com,
subsite.example.com, subsite2.example.com). It could also provide
support for any other website that implements the same web cookie,
xmlrpc, and POST methods.
For the second part I'm very interested in a solution. The only thing I can come up with at the moment, is some kind of RSS feeds. I know you can create nodes based on that.
Related
Currently, we are running 2 web pages based on WordPress, custom application built in JS (Hapi, Angular, Mongo), as well as self-hosted GitLab repository and hosting based on ISP Config. Currently, user which want to use more than 1 service is forced to create multiple accounts.
What would be the best approach to centralize it assuming that we want:
a user to use same credentials on each page
allow a user to log in using social login (Facebook, Google, Twitter) and still keep his single profile
centralize information about user services, usage and billing information (invoices)
We do not want overcomplicate the solution, therefore, we don't want to centralize access management and obtain them from centralized server, each page/service will maintain it's on it own (i.e. when user makes a purchase in on of the WP sites (woocommerce) wordpress itself will maintain order and we will write custom code to report sale to centralized system for billing purpose)
We are currently considering using LDAP or Kerberos, what would suit better?
Secondly - how to cover part regarding social login? I assume that we should still allow user register using OAuth2 and somehow synchronise the data between each service and centralized system. Is there another way?
Your desires [correct me if I'm wrong]:
You have two apps that are essentially separate things.
These apps can be served from a web page via HTTP, and either don't
have an auth system or need one revamped.
You want a centralized login system with social auth.
You have a single business entity.
You want a single, combined source of data for e-commerce.
You are essentially setting this up from scratch on the WordPress
backend side, there is no current mixed ecosystem of users.
My thoughts:
You DO NOT want LDAP or Kerberos. Those solutions are much too complex for this situation.
You want a SINGLE WordPress install. You can easily setup the backend to answer to multiple domains. In other words a single wordpress install can handle pages at "domain1.com" and "domain2.com" and render the pages with compleately different headers and text to make them APPEAR as two sites. There is no reason to maintain two separate lists of users, because you want a single system to login. Differentiate the users based on their business data, i.e. user1 has data "registered on SiteA", user2 had data "registered on SiteB" etc.
You can place your app into a WordPress page, then use is_user_logged_in() to firewall it behind WordPress. This is an industry standard method of auth and extremely secure if setup correctly. Or if it's a data api, you can place it as an endpoint and leverage the exact same auth system.
Any of the major social auth plugins that are popular in the free .org repo should work out the box with this method.
If you are going to associate blogging, that is, many "posts" about the products, and you want those blogs to be different ecosystems, with different sets of users, you are looking for WordPress Multi-Site. I don't think this is what you want. You don't sound like you are going to "blog". Or at least every page is going to be meticulously curated on these combined sites. So you're probably looking for just a single install to serve content to two domains. NOT MULTISITE.
You should use WooCommerce, simply because it is the most widely supported platform. Setup is 100% free.
You can easily serve pages that are branded totally differently, even in one install. For instance, one WordPress site can serve pages to two domains, and put different logos and headers on the top of the page to make them appear different. One physical machine can serve two domains.
Bottom line: You want a single WordPress setup on a single machine, serving two domains. The content and appearance on the domains can be different at will. Use any popular social auth plugins in the .org repo to firewall the apps.
I´m currently developing the Intranet for the company I am working for. The site is currently based on SharePoint, but I have to migrate it to Wordpress. And that´s my first developer experience with Wordpress, you just should know. Creating the theme, content and working with the WP Admin area works very well, but where I´m feeling defenseless is the permissions topic.
Generally, the whole page content is managed by the Marketing department. So, for me it is ok that they have access to WP Admin and I would use one of the predefined roles available.
But there will be also an area for the departments where specified users per department should be able to
edit the pre created page content
add subpages and edit its content (it would be nice if it can be defined which page templates can be selected by the user)
add posts for a pre created category (that should not be changeable by the user)
edit its profile and password
A whole access to WP Admin should be therefore prevented.
I read much information about roles, capabilities and reviewed forums and blogs presenting potential plugins. But to be honest, I´ve lost the overview and I´m totally scared about what´s the right way to do such like this the professional way.
Is there anybody who was already in such a situation or knows a good resource where to read more?
Thanks a lot.
John
PressPermit is the tool I choosed. It covers all needs described in my question.
Note: To use all features, you need to buy a support subscription currently available for $55 a year for one site.
However, a very powerful tool and in comparison to Advanced Access Manager I tried before, it really supports permissions also for multiple roles.
If you are thinking about, use the screencasts to see if the tool cover your needs. Unfortunately, there is no trial available, but you can request an evolution wordpress installation which was setup within one day in my case. This service costs $5.
I need a little bit help with user management.
I have an education site (not ready yet), i need two registration:
First for students, they can register to courses with name, email, phone number etc.
Second for teachers, who can register with name, email, year of birth etc., but teachers can register for courses too.
But when a teacher wants to register for courses too, i want that she/he can use same email address, name etc. too. And i want it, after a teacher register both place, on the wp-admin/users i see just one registration.
There is any plugin which is easy to do it?
Thanks for your help!
The answer is 'no' there is no easy plugin for this. I'm DV the question though.
I'm going to go out on a limb here and suggest that you not use Wordpress for this website and you consider building everything yourself. You are already hitting the constraints of Wordpress in that it is difficult to assign multiple roles and manage them consistently. I'm going to take another guess and say that even if you launch using Wordpress, you'll quickly outgrow it and need to rewrite your entire application.
If you build the application yourself, you can design the user database however you want and allow users to have one or more roles (i.e. student and/or teacher). Then your application can use the roles a user has to determine what to display to them.
If you want to reduce your overall dev time, piece together third-party APIs and tools. If you are using Node.js, check out Keystone.js (http://keystonejs.com), Hatch (http://hatchjs.com), and other CMS tools. You can also look for a user database like Passport (https://www.inversoft.com/products/user-database-sso) that give you a bunch of user management features. There are tons of free or open-source tools out there that can help you build this application quickly.
I've been assigned to add some features to an existing newspaper. This newspaper is based on Wordpress. They want to add a subscription feature for subscribed users to receive email with the latest news and some other stuff.
They also want a coupon system, which I'm planning to implement using CouponPress (http://www.couponpress.com/) which is a separate Wordpress installation for coupons.
They want to keep the subscribers functionality completely separated from the main blog to avoid opening security holes for attackers to gain admin or editor roles and mess with the newspaper.
What do you recommend for this?
If I keep the subscription feature attached to the second blog, is there a plugin or something to automatically email the subscriptors of the second blog with latest entries, a daily or weekly? I want the second blog to look as part of the first one for users. Maybe replicating the user list somehow in the main blog, but avoiding sign in on it.
What do you think?
Thanks for your help
just throwing an idea for the subscription feature, if you do go the path of subscription to the other blog you can write some quick and dirty function to query the new or even an sql trigger to copy new user recordds to the other db (I don't know if mysql allows for inter db copy triggers)
but - I don't really know what'll you'll achieve that way. if the data isn't secure and sanitized someone could try to run an sql injection. and then copying the record to the other db would contaminate it either.
better use on of wordpress good security plugins, harden server access etc
I use Drupal with CiviCRM for our nonprofit's public site and CRM database, and Open Atrium for the intranet. My goal is to either sync or share specific users from the public site to the intranet, to allow single sign-on.
However, only users who are part of a specific CiviCRM smart group (volunteers) should be shared/synced. I could use the module to sync CiviCRM groups with Drupal organic groups if that would make this task easier.
Any thoughts?
Usually, the Domain Access module is used for synching users and whatnot, but your requirement that only certain users be synched throws a wrench into that setup.
Therefore, I'd recommend that you either:
Sort through that module's documentation to see if it provides any hooks so that you can filter down the user list, and if not...
Just look at how that module does its heavy lifting and write a custom module to do the same but only with a limited set of users.
Actually, you can use Account Sync for this. (where only a sub-set of users is required.)
Just create a sync role and assign account sync permissions to that role only.
Use a server key to encrypt this as you would for XML-RPC.
http://drupal.org/project/account_sync
If Single Sign-On is your goal, Bakery provides single sign-on between multiple Drupal sites (including Drupal.org and other sites in the *.drupal.org network, something of a recommendation).
Worth checking out - while it does involve some additional setup / config, it doesn't mess with Drupal so much as some other options.
It does require that your sites are on the same base domain, and that they are on the same protocol (can't mix https://example.com with http://foo.example.com).
See Bakery documentation for further info.