Skip to content

Instantly share code, notes, and snippets.

@NateJacobs
Created October 1, 2011 06:55
Show Gist options
  • Save NateJacobs/1255707 to your computer and use it in GitHub Desktop.
Save NateJacobs/1255707 to your computer and use it in GitHub Desktop.
<?php
class StophaMultipleAuthentication
{
// declare your active directory domain here
CONST domain = 'your domain';
/**
* Class Construct
*
* Hook into the WordPress Authentication procedure
*
* @author Nate Jacobs
* @link http://wordpress.org/support/topic/integrating-wordpress-with-two-other-logins
*/
public function __construct()
{
add_filter( 'authenticate', array( __CLASS__, 'login' ), 10, 3 );
}
/**
* Login Method
*
* Get the values entered by the user during login.
* If the authentication method returns true, go ahead and allow access to WordPress.
* But before that authenticate with HTTP Commander and HESK.
*
* @author Nate Jacobs
* @link http://wordpress.org/support/topic/integrating-wordpress-with-two-other-logins
* @param string $user
* @param string $user_login
* @param string $password
*/
public function login( $user, $user_login, $password )
{
$auth_result = self::can_authenticate( $user_login, $password );
if ( $auth_result == true )
{
// add call to authenticate with HTTP Commander
// add call to authenticate with HESK
return new WP_User($user->ID);
}
else
{
$user = new WP_Error( 'denied', __("<strong>Log in Error</strong><br>Your password or username are incorrect.") );
// deny them access
remove_action('authenticate', 'wp_authenticate_username_password', 20);
return $user;
}
}
/**
* Actual Authentication
*
* Take the $user_login and $password entered by the user and instead
* of matching it against the WordPress DB values check it against the active directory
* username/password combo.
* I was able to use this to connect to the active directory at my workplace, but your
* mileage may vary if it is set-up at all different. It should be enough to get your started though.
*
* @author Nate Jacobs
* @link http://wordpress.org/support/topic/integrating-wordpress-with-two-other-logins
* @param string $user_login
* @param string $password
* @return boolean $result
*/
public function can_authenticate( $user_login, $password )
{
if ( !$user_login )
{
// do nothing
}
else
{
// create the username
$username = $user_login.'@'.self::domain;
$ldapconn = ldap_connect( self::domain )or die("Could not connect to AD server.");
$ldapbind = ldap_bind( $ldapconn, $username, $password );
$result = $ldapbind;
// will be true or false
return $result;
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment