"Done! Now it works AND looks good" - Mads
"Just like the EchoDitto Dev team." - Dan
Shared Multisite Sign-on the Easy Way
This weekend I discovered (quite by accident) a very simple way to enable shared sign-on across multiple Drupal sites running in a multisite configuration.
Suppose you have the following sites:
- phones.com
- htc.phones.com
- iphone.phones.com
- motorola.phones.com
The first requirement is that all the sites be running on the same domain. The examples above work — they're all subdomains of phones.com.
The second requirement is that all the sites share the same user tables. If all your sites are sharing one big database, you don't need to do anything, since all your tables are already shared. (This was my setup.) If some or all of your sites are using separate databases, though, use table prefixing to share the following tables among all your sites:
- users
- sessions
- roles
- authmap
If you use something like content_profile to store profile data, and you want to share that across sites, you'll need to share those tables, too.
So now you've got your users shared at the database level, but a person who logs in at htc.phones.com still won't stay logged in when they visit iphone.phones.com. That's because the 'host' parameter for the cookies on each site are still tied to their individual domains: htc.phones.com for htc.phones.com, iphone.phones.com for iphone.phones.com, and so on. As far as the browser is concerned, each site is entirely separate.
You can break the cookie barrier down pretty easily though (after all, it's just a cookie). Just add the following line to all of your 'settings.php' files:
$cookie_domain = '.phones.com';
The key is the leading period, which functions as a subdomain wildcard.
Drupal picks up on this and rewrites your cookies for you. Now, once you log in to any subdomain on phones.com, you'll be logged in to all the subdomains. Done.
Note that there are a few more requirements for cookie sharing than the ones I talked about. Most people will meet these requirements, but see Nate Haug's article on the subject for more information about the requirements, and for more on setting up table prefixing.
