[wp-edu] Federated Authentication? Anyone thought about it?

Patrick Laverty patrick_laverty at brown.edu
Wed Sep 29 19:03:39 UTC 2010

Has anyone else thought about allowing federated authentication to
your Wordpress instance?  Where you can allow people at different
institutions log in to your server with a username and password that
is not a part of your school's?

We're trying to do it with Shibboleth (as opposed to OAuth or some of
the other mechanisms).  The problem that we're running into is usually
a federated ID will look like an email address, which is what
indicates who the identity provider is.  However, Wordpress has some
validation checking that doesn't allow anything other than letters for
the username and the @ and . make the username invalid.  We've even
tried creating an additional plugin, or extending the existing
Shibboleth plugin, but we're still having trouble.  One source even
said that we shouldn't be allowing the @ and . in the username and
should allow for something else.

So I ask you, have you thought about this problem?  Have you had to
deal with it?  Does a solution sound easy?  Thoughts?

Thank you.

Patrick Laverty
Brown University

More information about the wp-edu mailing list