Skip to content
  • Log In
  • Register
WordPress.org

ⵜⴰⵎⴰⵣⵉⵖⵜ

  • Themes
  • Plugins
  • News
  • About
  • Contact
  • Get WordPress
Get WordPress

Plugins

  • My Favorites
  • Beta Testing
  • Developers

This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Download

Shibboleth With LDAP Authorization

By Florida Museum of Natural History Office of Museum Technology
  • Details
  • Reviews
  • Installation
  • Development
Support

Description

Since this plugin extends the Shibboleth plugin, you must first have the Shibboleth plugin, available from https://wordpress.org/extend/plugins/shibboleth/
installed and activated. Otherwise, the plugin will fail to activate as the shibboleth_user_role filter hook will not be registered.

To use this plugin, you must already have the following setup on your server:
1. The above Shibbleth plugin.
2. A UFAD group created for each of the WordPress roles (administrator, editor, author, contributor, and subscriber).

Screenshots

  • Plugin Screenshot
  • Plugin Config Options

Installation

  1. Install, activate, configure and test the Shibbloeth plugin. When it is working, procede.
  2. Create a UGRM directory in /wp-content/plugins/ directory
  3. Extract the contents of the UGRM.tar.gz plugin archive to the /wp-content/plugins/UGRM directory
  4. Populate UgrmLdapConfig::$configuration attribute located at /wp-content/plugins/UGRM/ldap-config.php. Options are:
    a. binddn – The Distinguished Name (DN) of the user or service account that will query LDAP server for group membership.
    b. pw – The password for the user or service account connecting to ldap. (binddn user)
    c. basedn – The base DN for the LDAP directory.
    d. ldapUri – The URI of the ldap server.
  5. Activate the plugin through the ‘Plugins’ menu in WordPress
  6. Populate the ‘UFAD Groups to Roles’ options page under the ‘Settings’ menu in WordPress.

FAQ

It’s not working. What should I check?

Check for typos on the options page and ensure you’ve spelled your UFAD groups correctly.

If $_SERVER['glid'] for Apache or `$_SERVER['HTTP_glid']` for IIS is not present, then complete

the correct application to have glid included in UF Shibboleth URN.

Verify that you can make a connection to the ldap server specified in ldapUri set in the options file. You may do this by launching ldp.ext
in Windows and inputting the binddn and password from the options file. You could also use any of the various ldap modules for any
programming language to test.

What if I’ve done all that and it still doesn’t work?

Contact the plugin author(s), who will respond in a vague and unspecified amount of time.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Shibboleth With LDAP Authorization” is open source software. The following people have contributed to this plugin.

Contributors
  • warren.brown
  • taylorwilson

Translate “Shibboleth With LDAP Authorization” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

2.0.1

  • Updates ldap.php with ternary to elimiate options index notice for logpath

2.0

  • Updates UGRM.php to use UgrmLdap class from ldap.php to query UFAD LDAP server to get group membership by shibboleth provided glid apache server variable.
  • Adds ldap-config.php containing LDAP connection parameters.
  • Corrects bug in options.php where $_SERVER superglobal array keys were not quoted, emitting an error for undeclared constant.

1.7.1

  • Corrected typo in code. Minor fix, but very large impact.

1.7

  • Discovered that with multisite enabled, the server variables will sometimes present as prepended with REDIRCT_ when in a subsite. E.G. UFADGroupsDN will sometimes appear
    REDIRECT_UFADGroupsDN. The code has been extended to accomdate this.
    *As a side note, the Shibboleth plugin UGRM extends appears to have been abandoned. As we’ve already made code changes to enable the Shibboleth plugin to work
    with the new WordPress enabled for multisite, and we had to graft on further changes for the REDIRECT_ behavior, we plan to release a fork of the Shibboleth plugin.

1.6

  • Fixed a glaring bug in when “Force Shibboleth return target to HTTPS” was checked and return target was already https the target would be munged to httpss.
  • Discovered Shibboleth on IIS prepends all Shibboleth server variables with a HTTP_ prefix because the variables are populated via CGI as IIS does not support
    environment variables (for details, check out: https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPAttributeAccess). Plugin now inspects SERVER_SOFTWARE
    variable and adjusts accordingly.

1.5

  • Fixed header in UGRM.php to resolve current version display on WordPress site.

1.4

  • Attempting to correct WordPress SVN tagging for current

1.3

  • Still working on SVN versioning

1.2

  • New version number to resolve wonkyness with WordPress SVN.

1.1

  • Added a configuration option for requiring HTTPS on the return target. This hooks into the Shibboleth provided shibboleth_seesion_initiator_url filter and ensures
    the return target uses HTTPS. This allows you seemless provide a Shibboleth integrated WordPress site where the content side is delivered via HTTP and the admin
    side is delivered VIA HTTPS. The default Shibboleth plugin behavior is to construct the return target using the current protocol, e.g. if you click the login link from
    HTTP, your return target would be for HTTP. UGRM now allows you to overide this behavior and alwasy use a HTTPS return target.

1.0

  • Initial Release

Meta

  • Version: 2.0.1
  • Last updated: 5 ⵉⵙⴳⴳⵯⴰⵙⵏ ago
  • Active installations: 10+
  • WordPress Version: 3.2.1 or higher
  • Tested up to: 4.9.22
  • Language:
    English (US)
  • Tags:
    loginSAMLshibbolethUF
  • Advanced View

Ratings

This plugin has not been rated yet.

Log in to submit a review.

Contributors

  • warren.brown
  • taylorwilson

Support

Got something to say? Need help?

View support forum

Donate

Would you like to support the advancement of this plugin?

Donate to this plugin

  • About
  • News
  • Hosting
  • Donate
  • Swag
  • Documentation
  • Developers
  • Get Involved
  • Learn
  • Showcase
  • Plugins
  • Themes
  • Patterns
  • WordCamp
  • WordPress.TV
  • BuddyPress
  • bbPress
  • WordPress.com
  • Matt
  • Privacy
  • Public Code
WordPress.org
WordPress.org

ⵜⴰⵎⴰⵣⵉⵖⵜ

  • Visit our Facebook page
  • Visit our Twitter account
  • Visit our Instagram account
  • Visit our LinkedIn account
Code is Poetry.