wpCAS-w-LDAP allows you to use your own CAS architecture to authenticate users in your WordPress blog. It also allows you to configure an LDAP connection to get user information for user not already members of your WordPress installation.
Users who attempt to login to WordPress are redirected to the central CAS sign-on screen. After the user’s credentials are verified, s/he is then redirected back to the WordPress site. If the CAS username matches the WordPress username, the user is recognized as valid and allowed access.
Authorization of that user’s capabilities is based on native WordPress settings and functions. CAS only authenticates that the user is who s/he claims to be.
If the CAS user does not have an account in the WordPress site, depending on the plugin’s settings, the user is either
- Denied access or
- Added to the user database with the default role set on the plugin’s options page.
LDAP is included as an option for getting user information when they are being added to the database. If LDAP is available on your installation of PHP, you will be given the option of configuring it for this purpose.