WordPress is a powerful multi-user web content management system. Due to its multi-user nature, WordPress has long instituted a full fledged user system, complete with separated roles and permissions for each user. What happens, however, when WordPress is brought into an environment with an existing user repository? Out of the box WordPress has no support for interacting with other user authentication methods other than built-in, however there exist WordPress filters that allow developers to hook into WordPress core actions, such as user authentication, registration, etc and alter their logic. In this post I will show you how to replace WordPress’ built-in authentication with authentication based off a very simple web service (Which we will also create).
Unless otherwise noted, all development will be assumed to exist at for the purposes of this tutorial.
Check out the following video of the presentation over this topic I gave at the March of 2012 . While containing lots of good information, it should be used along with the rest of this post, not as a replacement for.
We are going to create a simple web based authentication service to use as proof of concept when replacing the built-in WordPress authentication mechanism. Though this service will be simple, it will help illustrate how easy it is to authenticate using other databases, applications, even oAuth. Let’s begin.
Create a new PHP file at with the following contents:
if($_GET['user'] == 'bob' && $_GET['pass'] == 'asdf') {
endpoint security devices endpoint security benefits
TAGS
CATEGORIES