[Plugin: CAS Authentication] It works: WP 3.2.1 and CAS 2.4

How did you get it to work? I’ve been over the cas-authentication.php script until my eyes bled, but no joy yet.

My predecessor got cas-plugin 2.2 to work with WordPressMU 2.8 in our environment. I’m trying to upgrade with cas-plugin 2.4 on 3.2.1. The cas server does get called, but the redirect back always ends up in a reauth state where you have to authenticate with the WordPress login screen. It seems like the token doesn’t get passed. In the cas-authentication.php script, it looks like $user is returned as true, but that’s not getting tied into the WordPress authentication hook somehow.

WordPress 3.3 came out about 2 days ago, so I’ll probably start hacking at the plugin with 3.3.

If there’s some simple edit that you made, please let the world know. This is the only game in town for CAS authentication on WordPress, it seems.

This may help you, took me awhile to find. The global user password is md5 hashed in the authenticate method of the plugin. This interferes with the way wordpress processes the password for authentication. Just remove it.

$username = phpCAS::getUser();
$password = md5(CASAuthentication::passwordRoot());

becomes

$username = phpCAS::getUser();
$password = CASAuthentication::passwordRoot();

I just voted the combination WP 3.3.1 and Cas auth plugin 2.4 to be broken.
I tried the fix proposed by pho3nixf1re (i.e remove the md5() call
in file cas-authentication.php, line 101. However, this does not work for me. Once, authentificated at the CAS server, i am just redirected to the wp-login.php page with an pre-filled username and password that is rejected.
@pho3nixf1re : is it the only thing you changed?

I managed to make this plugin working with WordPress 3.4.1, so let me know if you want to know how.