WordPress MU

Hi,

I'm working on a project that needs to incorporate its authentication with a single sign on system that's accessed through a web service. I've tried implementing a plug-in to override the wp_login however in the new WPMU it seems its been moved to a file that doesn't allow you to override the function. Any thoughts on how to accomplish this? I don't want to modify the base code for maintenance/upgrade reasons.

p.s. Most of the other login authentication systems for WPMU seem to refer to modifying /wp-content/mu-plugins/pluggable.php this isn't available in the latest version of WPMU.

Um, so why don't you just write your own login script that produces the same result and skips wp-login.php all together?

"/wp-content/mu-plugins/pluggable.php this isn't available in the latest version of WPMU."

Yes, it is. The file's content has been moved to wpmu-functions.php.

Ok, so how do we override whatever is in wpmu-functions.php?

I've faced similar task and I solved it this way:

1) I wrote a script authenticating user against external sign-in system and hooked it to "init" action (at this point you can modify http headers). The script checks whether the user is in the WP database and if its info is up to date and if it is not inserts or updates the user.
At the end, if authentication is successful, wp_set_current_user() is run - this sets the "user is logged in" state for WP.

2) Overrode auth_redirect() from pluggable.php to use custom script that forces login with authentication against the external system instead of wp-login.php

3) Hooked a function to "loginout" filter in order to modify login/logout URL generated by wp_loginout() so that it uses my authentication script.

And that's basically all. Wordpress DB has no user passwords, but everything else is there. All capabilities are managed by Wordpress as usual.

I also have to edit my theme substituting direct links to wp-login.php by wp_loginout()
and also modified user-edit.php and profile.php so that general user info cannot be changed (it is synchronized with the main app).

It is made as a plug-in and it seems to work; if anybody sees potential problems with my approach, I would be glad to know - I'm in no way WordPress guru.

Thank you thank you!

I want my users to use Single Sign-on for the wp-admin area only, is there a hook that can be applied only there? I looked at the list but did not find anything applicable.

(now I'd also like to know how to debug my custom plugin which I am developing, since the only feedback I get about it is the extremely annoying "Plugin could not be activated because it triggered a fatal error." What error?)

Also I want them to authenticate when signing up (disregard what I said about only wanting them to log in to access wp-admin, that's how it seems to work by default) :)

Hi!

I would like this kind of setup for my installation, and I'm wondering if anyone can help me implement it:

1. User signs up to my site.
2. Upon signup, a user+blog is created automatically in WordPress-MU.
3. User logs into the main site.
4. User clicks link to admin their blog.
5. A PHP script aytomatically logs the user into WP for the user.

I'm starting to write a plugin, but I'm wondering if anyone can give me any guidance on how ti implement this, especially step 2.

Thanks in advance!

Hmm. So far, I can see from /wp-signup.php that to create a user+blog, you call:

wpmu_signup_user($user_name, $user_email, apply_filters( "add_signup_meta", array() ));
which creates the user, then
wpmu_signup_blog
which create ths blog. Is this right?

An addition to my post.

It turns out that check_ajax_redirect() function (from pluggable.php) also calls wp_login(), so you need to modify (override) it, otherwise no ajax-based functions (notably, adding categories) is going to work.

Also a call to wp_login() is found in wp-app.php, but I'm not sure what that code is doing, so I left it alone until it interfere with something.

2anjovis: I've turned on error reporting in my PHP install and then just echoed debug information - it appear in random places, but does it matter?

2bloopletech: sorry, I can't answer your questions - I'm very, very far from WP guru! =)

gombo, you made my day! I was just wondering why the heck my ajax-calls (and category creation) are not working with custom authentication... you solved it for me in 3 seconds!

So thanks :)

(my problem arose from the fact that I figured cookies are of no significance for our users since our sigle sign-on -library does all the authentication stuff for us, so what I did was just add the wp_setcookie call to my custom auth_redirect())

Hi gombo.

Would it be possible having a look to your plugin?

I've followed the instructions above to integrate my Wordpress MU with webservice authentication using a plugin in mu-plugins.

Everything works fine. Users get autologon when they are already logged in corporate system and they can create blogs. The problem is when you try to open those blogs on web browser you get a blank page.

If I remove the plugin those blogs are visible so there's something in my plugin preventing to show those blogs.

Any idea? Any way to debug this?

Thanks!

More info:

Apache error log is showing this lines when i try to connect to those blogs:


[Thu Aug 05 02:36:58 2280] [notice] child pid 16537 exit signal Segmentation fault (11)
[Thu Aug 05 02:36:59 2280] [notice] child pid 16538 exit signal Segmentation fault (11)
[Thu Aug 05 02:36:59 2280] [notice] child pid 16539 exit signal Segmentation fault (11)
[Thu Aug 05 02:36:59 2280] [notice] child pid 16544 exit signal Segmentation fault (11)
[Thu Aug 05 02:37:00 2280] [notice] child pid 16536 exit signal Segmentation fault (11)


Gombo. We're in need of an authentication tool like you've written. Would it be possible to get copy of your code. I just started looking at the wp code, and need to get a handle on how it is designed as well.

gombo,
Do you record the username/password somewhere so that you can authenticate the user to the remote system?
You said the routine "checks whether the user is in the WP database and if its info is up to date" but you also state that there are no passwords in the WP db.