heiglandreas / authLdap

LDAP-Authentication for WordPress
http://andreas.heigl.org/cat/dev/wp/authldap/
MIT License
69 stars 38 forks source link

authLDAP

Join the chat at https://gitter.im/heiglandreas/authLdap

Use your existing LDAP as authentication-backend for your wordpress!

Build Status WordPress Stats WordPress Version WordPress testet Code Climate codecov

So what are the differences to other Wordpress-LDAP-Authentication-Plugins?

How does the plugin work?

Well, as a matter of fact it is rather simple. The plugin verifies, that the user seeking authentification can bind to the LDAP using the provided password.

If that is so, the user is either created or updated in the wordpress-user-database. This update includes the provided password (so the wordpress can authenticate users even without the LDAP), the users name according to the authLDAP-preferences and the status of the user depending on the groups-settings of the authLDAP-preferences

Writing this plugin would not have been as easy as it has been, without the wonderfull plugin of Alistair Young from http://www.weblogs.uhi.ac.uk/sm00ay/?p=45

Configuration

Usage Settings

Server Settings

Creating Users

User-Groups for Roles

FAQ

Can I change a users password with this plugin?
Short Answer: No!
Long Answer: As the users credentials are not only used for a wordpress-site when you authenticate against an LDAP but for many other services also chances are great that there is a centralized place where password-changes shall be made. We'll later allow inclusion of a link to such a place but currently it's not available. And as password-hashing and where to store it requires deeper insight into the LDAP-Server then most users have and admins are willing to give, password changes are out of scope of this plugin. If you know exactyl what you do, you might want to have a look at issue 54 wherer a way of adding it is described!
Can I add a user to the LDAP when she creates a user-account on wordpress?
Short Answer: No!
Long Answer: Even though that is technically possible it's not in the scope of this plugin. As creating a user in an LDAP often involves an administrative process that has already been implemented in your departments administration it doesn't make sense to rebuild that - in most cases highly individual - process in this plugin. If you know exactly what you do, have a look at issue 65 where wtfiwtz shows how to implement that feature.