https://bugzilla.wikimedia.org/show_bug.cgi?id=14407
--- Comment #50 from Platonides <[email protected]> 2012-03-16 13:27:48 UTC --- You can't send a cookie to "all subdomains but a few". You can send it to one subdomain "commons.wikimedia.org, meta.wikimedia.org..." (ie. loading all images), or to all domains *.wikinews.org Which is why we have to load one image per wiki on wikimedia.org Maybe we could perform the following: A login globally sets centralauth_User cookie (only), through a login.domain.org which also set a local login (or through enwiki as done so far). If receiving a centralauth_User cookie for a wiki but not a centralauth_Token or session cookie (and is not logged out), creates a xywiki_session, set centralauth_Token='requestlogin_session_WYZ' and redirect to https://login.wikimedia.org which acknowledge you are logged in, clear centralauth_Token, enable your session and redirect back. Note: If login.wikimedia.org doesn't receive centralauth_Token, cookies might be (partially?) disabled. We shall not make a produce loop. Ask the user to either enable cookies or delete them. This would also be a much stronger login method. Opinions? -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
