[Plugin: Active Directory Integration] is auto authentication still on the horizon?

Viewing 6 replies - 1 through 6 (of 6 total)

  • What authentication method have you got set in IIS? The auto_login() function probably expects Integrated Windows Authentication only, might not work if you have anonymous enabled. It also seems to need 2 page refreshes to actually display the user as logged in, and of course there is no way to ever log out!

    I’ve also used the IIS Authentication Plugin occasionally to add some extra methods, seems to work ok but compatibility problems with Dynamic Widgets & Buddypress.

    https://www.iis.net/community/default.aspx?tabid=34&g=6&i=1500

    I’d still like to see proper automatic AD authentication. The hack remains an unsatisfactory workaround in my book!

    Also, just noticed, here’s the ticket for auto-authentication on the developer’s bug tracker. Some useful comments on there.

    https://bt.steindorff.de/view.php?id=3

    One thing to note is that get_userdatabylogin($user_login) is now depreciated, so change that bit of the code for get_user_by(‘login’, $user_login). New auto_login() function should look like this:

    function auto_login() {
	if (!is_user_logged_in() && isset($_SERVER['LOGON_USER'])) {
		$user_login = substr($_SERVER['LOGON_USER'], strrpos($_SERVER['LOGON_USER'],'\\')+1, strlen($_SERVER['LOGON_USER'])-strrpos($_SERVER['LOGON_USER'],'\\'));
		$user = get_user_by('login', $user_login);
		$user_id = $user->ID;
		wp_set_current_user($user_id, $user_login);
		wp_set_auth_cookie($user_id);
		do_action('wp_login', $user_login);
    }
}
add_action('init', 'auto_login');
    Thread Starter slackgeek

    (@slackgeek)

    I finally got around to trying this and it totally worked.

    Using the modified code without the depreciated function, and fiddling with my IIS7 authentication setting solved the problem.

    I did not notice the 2 refreshes – it seems to work perfectly when I first load the page. I tested it as a few different users.

    Also, I don’t want users to be able to log out, so as long as there’s no hiccups, it’s perfect.

    Thank you!

    Thread Starter slackgeek

    (@slackgeek)

    Ahhhh man – I spoke too soon.

    While it DOES work, it only works when the user has already been created within WordPress. So, the user would still have to visit wp-admin, and login with their AD credentials once, in order for the account to be created within WordPress, and then once the account was created, the desired behavior (of always automatically logging you into WordPress) is achieved.

    I tried (unsuccessfully) to modify the code in my ad-integration.php as suggested at https://bt.steindorff.de/view.php?id=3, but also with alexnolan‘s code modification above.

    It simply killed my SSL authentication altogether. (For what it’s worth, my deployment is on a redundant 4-server web-farm running WinServer 2008 R2 and IIS7.5 with Windows Authentication.) Should I have disabled Anonymous Authentication when trying this? Is that why it didn’t work?

    RealDolmen – IIS Authentication Plugin

    Look up that plugin. I use it on my IIS envrio and it works AMAZINGLY.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘[Plugin: Active Directory Integration] is auto authentication still on the horizon?’ is closed to new replies.