Salta al contenuto
  • Accedi
  • Registrati
WordPress.org

Italia

  • Temi
  • Plugin
  • Notizie
  • Supporto
    • Documentazione
    • Forum
  • Info
  • Team
  • Community
  • Traduci
    • PTE status requests by Devs for Italian localization: the guidelines.
  • Learn WordPress
  • Openverse
  • Pattern
  • Scarica WordPress
Scarica WordPress

Directory dei plugin

  • Preferiti
  • Beta
  • Sviluppatori
Scarica

UMich OIDC Login

Di Regents of the University of Michigan
  • Dettagli
  • Recensioni
  • Installazione
  • Sviluppo
Supporto

Descrizione

This plugin is for a very specific use case: Your WordPress website is part of an organization that uses OpenID Connect (OIDC) for web single-sign-on as well as for group-based authorization. In that case, this plugin will let you restrict access to parts of your WordPress website based on OIDC login and group membership information.

This plugin has been tested with:

  • Shibboleth OIDC using the eduperson_ismemberof attribute for LDAP group membership.

Features:

  • Allow site visitors to log in via OIDC without needing a WordPress user account.
  • Optionally allow WordPress users to log in via OIDC instead of using their WordPress password.
  • Optionally restrict access to the entire site to logged-in users or only members of specific groups.
  • Optionally restrict access to specific pages and posts to logged-in users or only members of specifc groups.
  • Show parts of pages/posts/widgets only to logged in users or members of specific groups.
  • Access restrictions apply to site visitors, feeds, the REST API, and XMLRPC.
  • Shortcodes (Gutenberg blocks planned for a future release)
    • umich_oidc_button – Generate a login or logout button.
    • umich_oidc_link – Generate a login or logout link.
    • umich_oidc_logged_in – Show content only if the visitor is logged in.
    • umich_oidc_member – Show content only if the visitor is a member of one or more groups.
    • umich_oidc_not_logged_in – Show content only if the visitor is NOT logged in.
    • umich_oidc_not_member – Show content only if the visitor NOT a member of any of the specified groups.
    • umich_oidc_url – Generate a login or logout URL.
    • umich_oidc_userinfo – Display information about the currently-logged-in OIDC user.

Restricting private content in search results

You can prevent content from showing up in web search engine results by restricting access to particular pages/posts.

Search results from WordPress’ built-in search will only show content that the searching user has access to.

WARNING: WordPress search plugins may show content that the user does not have access to, leaking private information. Please test search plugin before enabling them. If a search plugin provides an appropriate WordPress hook for limiting search results, contact us and we may be able to add support for it to UMich OIDC Login.

Copyright and license information

Copyright (c) 2022 Regents of the University of Michigan.

This file is part of the UMich OIDC Login WordPress plugin.

UMich OIDC Login is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

UMich OIDC Login is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with UMich OIDC Login. If not, see https://www.gnu.org/licenses/.

Screenshot

  • Allows visitors to log in via OIDC without needing a WordPress user acccount. WordPress can get information about logged-in visitors from the OIDC Identity Provider.
  • WordPress users can log in using either OIDC or their WordPress username and password.
  • Control what happens when visitors/users log in and log out.
  • Use group information obtained through OIDC to control access to the website.
  • Use group information obtained through OIDC to control access to individual posts and pages.
  • OIDC authentication settings.
  • Access OIDC user information from within WordPress. Control which OIDC claims should be used for each piece of information.
  • Use shortcodes to control who sees which things within pages, posts, and themes.

Installazione

  1. (Recommended but not required) Install the WordPress Native PHP Sessions plugin from the WordPress.org plugin repository or by uploading the files to your web server. For details, see How to Install a WordPress Plugin. UMich OIDC Login strongly recommends using the WordPress Native PHP Sessions plugin to prevent conflicts with other WordPress plugins that also use PHP sessions, and to ensure correct operation when the site resides on multiple web servers.
  2. Install UMich OIDC Login from the WordPress.org plugin repository or by uploading the files to your web server.
  3. Activate both the WordPress Native PHP Sessions and the UMich OIDC Login plugins through the ‘Plugins’ menu in WordPress.
  4. Under the Settings menu in WordPress, navigate to “UMich OIDC Login” and thenclick on the “OIDC” tab. Make a note of the Redirect URI value for use when registering an OIDC client for your WordPress site.
  5. Register an OIDC client for your WordPress site. On the OIDC tab of the UMich OIDC Login settings page, fill in the information you got when registering your client. At a minimum, this will be the Identity Provider URL, Client ID, and Client Secret. Click the “Save Changes button”.

  6. You can now use the settings on the General tab to control access to the website, as well as login and logout behavior. You can restrict access to individual posts and pages by editing them and changing their document settings. You can also use shortcodes from the Shortcodes tab in your theme and/or website content. Adding the following shortcodes to your theme will display a greeting and a login/logout button.

    Hello, [umich_oidc_userinfo type="given_name" default="stranger"]
    [umich_oidc_button]

FAQ

Why do I have to specify all groups on the settings page?

Currently, UMich OIDC Login is designed to work with OIDC Identity Providers that restrict the groups for which membership information can be released to websites. In addition, only the official names of groups can be used; aliases will not work. By entering the allowed groups on the settings page, the group names onlly have to be correct in a single place and access to individual pages/posts can be controlled by selecting group(s) from a dropdown list.

Help! OIDC stopped working and now I can’t log in to my WordPress dashboard!

Use WP CLI to turn off OIDC for WordPress users:

wp option patch delete umich_oidc_settings use_oidc_for_wp_users

You should then be able to log in to WordPress using your WordPress username and password for your website.

Or, completely turn off the UMich OIDC Login plugin. WARNING: deactivating the plugin will make any restricted content you have publicly viewable.

wp plugin deactivate umich-oidc-login

If you don’t remember your WordPress user account password, you can set a new one:

wp user update YOUR-WORDPRESS-USERNAME --user_pass="PUT-YOUR-NEW-PASSWORD-HERE"

Recensioni

Non ci sono recensioni per questo plugin.

Contributi e sviluppo

“UMich OIDC Login” รจ un software open source. Le persone che hanno contribuito allo sviluppo di questo plugin sono indicate di seguito.

Collaboratori
  • markmont

Traduci “UMich OIDC Login” nella tua lingua.

Ti interessa lo sviluppo?

Esplora il Codice segui il Repository SVN iscriviti al Log delle Modifiche. Puoi farlo tramite RSS con un lettore di feed.

Changelog (registro delle modifiche)

1.1.2

  • Fixed a bug that prevented groups that have apostrophes / single quotes in their names from working.

1.1.1

  • Fixed a bug with login/logout URLs being incorrect when WordPress is installed in a subdirectory.

1.1.0

  • Completely reimplemented the feature for using OIDC to log into the WordPress dashboard.
    • Changed the setting values from no/yes to no/optional/yes. The new setting (“optional”) allows users a choice of whether to log in using OIDC or their WordPress password. Choosing which way to log in looked like it was supported before when it was not, which was confusing.
    • The “no” setting previously displayed a “Login in with Single Sign On” button that would only log users into the website but not the WordPress dashboard. This was confusing, and so the button has been removed when OIDC login for WordPress is set to “no”.
    • If a user attempts to log in to the WordPress dashboard via OIDC but does not have a WordPress user account, they will now get an “Access Deined” error instead of silently being logged into the website but not logged in to WordPress.
  • Fixed a bug where unauthenticated users who tried to access a restricted page/post would sometimes get a “Page Not Found” error instead of being prompted to log in.
  • Fixed a bug where users were sometimes not sent to the correct page after authenticating.
  • Miscellaneous cleanup and improvements.

1.0.0

  • Initial release.

Meta

  • Versione del plugin: 1.1.2
  • Ultimo aggiornamento: 2 settimane fa
  • Installazioni attive stimate: 80+
  • Richiede WordPress: 6.0.0 o superiore
  • Testato fino alla versione: 6.2.2
  • Richiede PHP: 7.3 o superiore
  • Lingua:
    English (US)
  • Tag:
    access-controlcontent restrictiongroupsloginoidc
  • Visualizzazione avanzata

Valutazioni

Non sono ancora state fatte.

Accedi per inviare una recensione.

Collaboratori

  • markmont

Supporto

Hai qualcosa da dire? Ti serve aiuto?

Chiedi nel forum di supporto

  • Chi siamo
  • News
  • Hosting
  • Donazioni
  • Swag
  • Supporto
  • Sviluppo
  • Partecipa
  • Imparare
  • Vetrina
  • Plugin
  • Temi
  • Pattern
  • WordCamp
  • WordPress.TV
  • BuddyPress
  • bbPress
  • WordPress.com
  • Matt
  • Privacy
  • Public Code
WordPress.org
WordPress.org

Italia

  • Visita la nostra pagina Facebook
  • Visita il nostro account Twitter
  • Visita il nostro account Instagram
  • Visita il nostro account LinkedIn
Code is Poetry.