Michael Collins Posted August 11, 2023 Posted August 11, 2023 We have changed from using this SSO plugin to using the the MiniOrange SSO to link between Wordpress and Invision. We are having issues with users who were logged in during the switchover, everyone else is fine. They can access WordPress but when they try to go to Invision they get a too many redirects error. We have logged everyone out of WordPress and also used the button in Invision to log all users out, but I don't think that actually worked. People are still getting the issue. The only way it seems to resolve is by going to an incognito window or a device they have never used before and logging in that way. Is there any other way to get around this without getting everyone to take these manual steps? We're getting this system log.
Marc Posted August 11, 2023 Posted August 11, 2023 If its working on a device they havent used and incognito, the issue there cannot be with the software unfortunately. What is different there is cache and cookies. Please get those users to clear both
Michael Collins Posted August 11, 2023 Author Posted August 11, 2023 Hi Marc, Thanks for the info. We have users that are generally not very tech savvy and giving them instructions like that causes a lot of confusion. If there is any possible way you can think of getting around having them perform manual steps like this it would be good to know.
Nathan Explosion Posted August 11, 2023 Posted August 11, 2023 If you are self-hosted, change your cookie prefix - immediately renders existing cookies useless. COOKIE_PREFIX If you currently have a constants.php file and have that defined in it, change it. If you currently have a constants.php file and do not have that defined in it, or you do not currently have a constants.php file then currently the prefix would be 'ips4_' so use something different. Marc 1
Michael Collins Posted August 11, 2023 Author Posted August 11, 2023 @Nathan Explosion We didn't have a constants.php file. I created one using these instructions which just looks like: <?php define( 'COOKIE_PREFIX', 'yihcookie_' ); It looks like I was automatically logged back in again after this by the oauth setup I think? I will keep an eye on it to see if users are still having issues now.
Michael Collins Posted August 14, 2023 Author Posted August 14, 2023 Just as an update, this didn't solve our issue either. We've left the miniOrange OAuth plugin for now and returned to what we used previously.
Recommended Posts