Is there aa simple way to protect the wp-signup.php in the same way as wp-admin? My script so far does:
1) clicking "login" redirects (custom scripts in pluggable.php) to ous SSO-service, then runs wp_set_current_user() to make them logged in if they already exist in the database, or additionally creates them if they don't yet exist.
2) at this point they have no blogs (obviously) but only usernames which is exactly as I want it to be :)
3) I want to run the same script on wp-signup.php so as they go to wp-signup, if they are logged in they get the "welcome back xxx, create new blog" bit. What actually happens is that they get the whole new username + new blog registration form, which is no good.
So far so good, but I only want logged-in (via SSO) users to be able to signup for a blog. There is no hook that runs before the signup-process? There must be, right, although I could not find any.
Also trying to include my custom script in the page causes a whole lot of "undefined function/class" errors, though I tried to include just about all files with functions I could think of...
Any quick way to achieve what I'm after? I'm running 1.2.4 (the newest version was causing me a lot of grief with infinite redirects)