SimpleShib

SimpleShib is a WordPress plugin to authenticate users with a Shibboleth Single Sign-On infrastructure.

Author:	Steve Guglielmo (profile at wordpress.org)
WordPress version required:	5.2
WordPress version tested:	5.4.2
Plugin version:	1.2.2
Added to WordPress repository:	17-02-2017
Last updated:	19-06-2020 Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
Rating, %:	0
Rated by:	0
Plugin URI:	https://wordpress.org/plugins/simpleshib/
Total downloads:	819
Click to start download

SimpleShib is a WordPress plugin to authenticate users with a Shibboleth Single Sign-On infrastructure. This plugin will not work if you do not have a Shibboleth IdP and SP already configured.

When a WordPress login request is received from a user, the Shibboleth session is validated. If the session does not exist, user is redirected to the IdP login page. Once authenticated at the IdP, the user is redirected back to WordPress and logged into their local WordPress account. If a local account does not exist, one can optionally be created.

User data (login, name, and email) is updated in WordPress from the IdP data upon every login. Additionally, the user is restricted from manually changing those fields on their profile page.

On multisite instances of WordPress, SimpleShib can only be network-activated.

The plugin settings include options for autoprovisioning, custom IdP attributes, password reset/change URLs, and session initiation/logout URLs.

SimpleShib is developed on GitHub. Please submit bug reports and contributions on the GitHub project page. For general support and questions, please use the WordPress support forum.

This plugin is not affiliated with the Shibboleth or Internet2 organizations.

Screenshots
FAQ

What is Shibboleth?

From Wikipedia:

“Shibboleth is a single sign-on (log-in) system for computer networks and the Internet. It allows people to sign in using just one identity to various systems run by federations of different organizations or institutions. The federations are often universities or public service organizations.”

Can I test this without an IdP?

Maybe. Check out TestShib.org. Note, you still need the SP/shibd configured on the server with Apache/WordPress.

A shibboleth plugin already exists; why write another?

My attempts to use the other Shibboleth plugin failed for various technical reasons. It seemed to be unmaintained at the time. I ended up modifying the plugin heavily. I finally got to the point where I just wrote my own.

The domain name is not correct after a redirect

Add the following to Apache’s config:

    UseCanonicalName On

Can I automatically set user roles based on IdP data?

No. SimpleShib handles authentication, not authorization. Authorization is managed within WordPress by network admins or site admins.

What’s this MIT license?

SimpleShib is released under the MIT license. The MIT license is short, simple, and very permissive. Basically, you can do whatever you want, provided the original copyright and license notice are included in any/all copies of the software. You may modify, distribute, sell, incorporate into proprietary software, use privately, and use commerically.

There is no warranty and the author or any contributors are not liable if something goes wrong.

See the LICENSE file for full details.

Hide FAQ

ChangeLog

Choose right WordPress plugin from thousands others in a moment

What is Shibboleth?

Can I test this without an IdP?

A shibboleth plugin already exists; why write another?

The domain name is not correct after a redirect

Can I automatically set user roles based on IdP data?

What’s this MIT license?

1.2.2

1.2.1

1.2.0

1.1.1

1.1.0

1.0.3

1.0.2

1.0.1

1.0.0