內容簡介
這個 SAML 外掛可消除密碼,允許您驗證 WordPress 使用者(通常是編輯人員)與現有的 Active Directory 或 LDAP 伺服器進行身分驗證,同時使用 OneLogin、YubiKeys 或 VeriSign VIP Access 增強安全性。OneLogin 已與數千個應用程式進行預整合,並在雲端和防火牆後面處理所有 SSO 需求。
消除 WordPress 中的密碼
允許使用者使用其 Active Directory 或 LDAP 憑證登入 WordPress
讓使用者可以從內部網站一鍵訪問
使用瀏覽器 PKI 憑證或來自 Yubico 或 VeriSign 的雙重身份驗證增強安全性
輕鬆防止前員工和承包商訪問
如果您使用了之前的版本,啟用了 JIT (即時提供)功能,請參閱:https://wpvulndb.com/vulnerabilities/8508
為了緩解該問題,將腳本置於 WordPress 根目錄並執行它(稍後再刪除)https://gist.github.com/pitbulk/a8223c90a3534e9a7d5e0a93009a094f
外掛標籤
開發者團隊
原文外掛簡介
This SAML plugin eliminates passwords and allows you to authenticate WordPress users (typically editors) against your existing Active Directory or LDAP server as well increase security using YubiKeys or VeriSign VIP Access via OneLogin. OneLogin is pre-integrated with thousands of apps and handles all of your SSO needs in the cloud and behind the firewall.
Eliminate passwords in WordPress
Allow users to sign into WordPress with their Active Directory or LDAP credentials
Give users one-click access from your intranet
Increase security using browser PKI certificates or two-factor authentication from Yubico or VeriSign
Easily prevent access from former employees and contractors
If you used this plugin before 2.2.0 with just-in-time provision active, Read: https://wpvulndb.com/vulnerabilities/8508
To mitigate that bug, place the script at the root of wordpress and execute it (later remove it) https://gist.github.com/pitbulk/a8223c90a3534e9a7d5e0a93009a094f
