The question:
I’ve been able to setup and use a couple different LDAP plugins (CoSign SSO, Simple LDAP Logon) to create new WordPress users based on the Active Directory users but it still requires them to manually log in to make posts. Is there a way to have it pull the user’s credentials from the browser and automatically log them in whenever they visit the WordPress site? I have IIS set up with Windows Authentication and the URL is listed in the browser as one it can trust and send credentials to.
Do I need another plugin or would this require editing a page or two in WordPress?
thanks
The Solutions:
Below are the methods you can try. The first solution is probably the best. Try others if the first one doesn’t work. Senior developers aren’t just copying/pasting – they read the methods carefully & apply them wisely to each case.
Method 1
If using Windows Authentication with IIS PHP can read the current authenticated user thats logged on from $_SERVER["LOGON_USER"];
If this is set and the user is not getting a HTTP auth prompt you can assume the user credentials are correct. So with some WP coding you could read that $_SERVER['LOGON_USER'] and if not logged into WP auto log them in with that username.
place in theme functions file or in a MU plugins file.
function auto_login() {
if (!is_user_logged_in() && isset($_SERVER['LOGON_USER'])) {
$user_login = $_SERVER['LOGON_USER'];
$user = get_userdatabylogin($user_login);
$user_id = $user->ID;
wp_set_current_user($user_id, $user_login);
wp_set_auth_cookie($user_id);
do_action('wp_login', $user_login);
}
}
add_action('init', 'auto_login');
You may need to do some further tweaking to the $user_login variable so that you get the correct username that matches in the WP table.
Method 2
You could handle the logout problem with something like this
function auto_login() {
if ( !is_user_logged_in() && isset($_SERVER['LOGON_USER']) && my_logout_cookie_check() === false ) {
$user_login = $_SERVER['LOGON_USER'];
$user = get_userdatabylogin( $user_login );
$user_id = $user->ID;
wp_set_current_user( $user_id, $user_login );
wp_set_auth_cookie( $user_id );
do_action( 'wp_login', $user_login );
}
}
add_action( 'init', 'auto_login' );
add_action( 'wp_logout', 'my_logout_cookie' );
function my_logout_cookie() {
setcookie( 'logout', 'true' );
}
function my_logout_cookie_check() {
if( $_COOKIE['logout'] === 'true' )
return true;
else
return false;
}
And another function to destroy this cookie on sign in
add_action( 'wp_login', 'my_logout_cookie_destroy' );
function my_logout_cookie_destroy() {
setcookie( 'logout', 'false' );
}
This solution is untested. You may hit issues with setting the cookie if you have page output already, but I think that could be overcome relatively easily.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0