Authorize by group membership: what is it supposed to do?

  • Hey there,

    This is probably just a misunderstanding on my part, but I don’t get what the Authorize by group membership option is supposed to do. I thought it would block access to the site to anyone not part of the AD groups listed below, but it only prevents access to the admin, not the public site. Is that the intended behaviour?

    Thanks in advance

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hello Alexandre Simard,
    with the option “Authorize by group membership” you can configure which security groups will be able to login into your WordPress environment. It only blocks the login for users which are not part of the defined groups.

    greetings
    medan123

    Thread Starter Alexandre Simard

    (@brocheafoin)

    It only blocks the login for users which are not part of the defined groups.

    Yes, this is what I’m testing. As I was sayig, it works correctly for access to /wp-admin/. I was expecting it to block access to the public side of the site too, which is not the intended behaviour, I guess.

    I think there’s another issue with this setting, specific to a multisite environment. From what I understand, the groups are only checked during the authentication phase. In a multisite environment, if you have authenticated yourself on a subsite where this setting was not used and you go to a subsite where it is, you will have access to /wp-admin/. Obviously, if Role Equivalent Groups have been set, you won’t be able to do much, but it’s still weird.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Authorize by group membership: what is it supposed to do?’ is closed to new replies.