search

SAML-Toolkits / wordpress-saml

OneLogin SAML plugin for Wordpress
MIT License
65 stars 74 forks source link

Enhancement Bypass Filter for spiders Etc. #87

Closed arkytn closed 4 years ago

arkytn commented 4 years ago

I would like to suggest adding a filter to disable SSO when used in a forced SSO login situation. A bypass is needed to allow things like a search spider to scan the site without forcing the spider to login. Add to saml_sso() in functions.php:

function saml_sso() {
    if ( (defined( 'WP_CLI' ) && WP_CLI ) || wp_doing_cron() ){
        return true;
    }

    if ( apply_filters('onelogin_disable_saml_sso', false ) ) return true;

Now you can use the filter to recognize an IP or a header to disable the SSO for individual sites.

skanigins commented 1 year ago

Can anyone clarify please how can I use the filter to add an IP to prevent a forceful SSO for that specific IP Address?