Security concerns when creating tenants with a prefix only

Nov 7, 2012 at 7:57 AM


Let's say that we have the following scenario:

  • Default tenant
    • url: http://localhost 
    • user: admin
  • Tenant1
    • url: http://localhost/tenant1 
    • user: administrator

When I'm logged in as an admin user within the default tenant, I'm also able to access tenant1 as an administrator without passing any credentials for tenant1.

My organisation wants to use Orchard's MultiTenancy, but this scenario is problematic for us as we want to have hundreds of tenants and we cannot allow for single-sign-on-like behavior between tenants.

Could someone please advise if there is built-in functionality that could address that, or do we need to build something custom?

Nov 7, 2012 at 8:10 AM

That's a bug. Please file it. Workaround is to use separate domains.

Nov 7, 2012 at 8:26 AM
Edited Nov 7, 2012 at 8:34 AM

Separate domains are not possible for us. We cannot use a wildcard SSL certificate, therefore we would need to buy a certificate for each domain (tenant). This could cost around 100k$ for our initial needs :)

Bug filed under #19229

Nov 7, 2012 at 9:05 AM

Is it possible that setting up the cookie for the domain+subfolder would solve this issue? E.g. instead of
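
The cookie-scoping question above, worked through as an added example that is not part of the thread and is not Orchard code: it applies the RFC 6265 path-match rule to the two tenant prefixes from the first post and shows that a `Path=/tenant1` cookie stays out of the default tenant, while the default tenant's `Path=/` cookie is still sent to `/tenant1`. The cookie name, the `issuedBy` field and the server-side check are assumptions made for the illustration.

```javascript
// Added illustration; tenant prefixes follow the thread, the cookie name and
// the issuedBy field are constructed for the example.

// RFC 6265 section 5.1.4 path-match: is a cookie with cookiePath sent to requestPath?
function pathMatch(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  // The prefix must end on a segment boundary, so "/tenant1" does not cover "/tenant10".
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Cookies the browser would attach to a request for requestPath on this host.
function cookiesSent(jar, requestPath) {
  return jar.filter((c) => pathMatch(requestPath, c.path));
}

// Assumed server-side rule: a tenant accepts only a ticket it issued itself.
// In a real ticket, issuedBy would sit inside the signed/encrypted payload.
function isAuthenticated(tenant, jar, requestPath) {
  return cookiesSent(jar, requestPath).some((c) => c.issuedBy === tenant);
}

// Constructed cookie jar after logging in to both tenants with path-scoped cookies.
const jar = [
  { name: "auth", path: "/", issuedBy: "default" },
  { name: "auth", path: "/tenant1", issuedBy: "tenant1" },
];

// Which tenants' cookies arrive with a request for requestPath.
function issuersSeenAt(requestPath) {
  return cookiesSent(jar, requestPath).map((c) => c.issuedBy).sort().join(",");
}

console.log(issuersSeenAt("/admin"));          // default tenant never sees tenant1's cookie
console.log(issuersSeenAt("/tenant1/admin"));  // tenant1 receives both cookies
console.log(issuersSeenAt("/tenant10/admin")); // "/tenant1" does not match "/tenant10"

// Only the default tenant's login is present: tenant1 must still reject it.
const defaultOnly = [jar[0]];
console.log(isAuthenticated("tenant1", defaultOnly, "/tenant1/admin"));
```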

Nov 7, 2012 at 6:01 PM

Please file a bug, we will definitely fix it, and you will be able to apply the patch on your local instance. If we find a solution ...

Could you explain the reason why you can't use a wildcard SSL? Just out of curiosity.

Nov 7, 2012 at 6:46 PM

Wildcard certificates are against the security policy that came with the project, and unfortunately we cannot do anything about this. I filed a bug under #19229.