[wp-hackers] Single sign-on SSL domain
Andy Skelton
skeltoac at gmail.com
Fri Jul 24 21:49:53 UTC 2009
Examine how wordpress.com does it with mapped domains using a single
wildcard cert. You would only have to invent a reversible way to map the
domains to subdomains matching the cert.
Andy
On Jul 22, 2009 6:00 PM, "Scot Hacker" <shacker at birdhouse.org> wrote:
I'm in a situation where all WP logins will need to go SSL. We have a lot of
domains but not a lot of IP addresses to go around. Historically all of our
domains have been vhosts on a single server. But since SSL requires one IP
per domain, we're kind of stuck.
Two possibilities we're considering:
1) Require all logins to be OpenID, pushing the login process off to another
server so we don't have to worry about it. The challenge here is that the
existing OpenID plugin for WP does not provide a way to *force* OpenID
logins. Submitted a ticket to that project asking for the feature, but no
response in two weeks.
2) Somehow configure apache to route login requests to a central domain for
sign-in. So:
ssldomain.edu <-- has cert
Attempting to log in at domain.org would pass the user to ssldomain.edu for
authentication and then back to domain.org. I believe I can use an apache
Alias system so that the user would really be at
ssldomain.edu/domain.orgbut would appear to be at
domain.org. Has anyone tried something like this? Tricky? Successful?
Pitfalls? Recipes to share? What would need to happen on the WP side to work
with a system like this? Is it even possible?
3) Other... ?
Thanks for any suggestions.
Scot
_______________________________________________
wp-hackers mailing list
wp-hackers at lists.automattic.com
http://lists.automattic.com/mailman/listinfo/wp-hackers
More information about the wp-hackers
mailing list