內容簡介
wpCAS 將 WordPress 整合到一個已建立的 CAS 架構中,允許在異質環境中集中管理和驗證用戶憑證。
Wikipedia 上說明:
中央身分驗證服務(CAS)是用於 Web 的單一登入協議。它的目的是允許用戶同時且自動登入多個應用程式。它還允許不受信任的 Web 應用程式通過不獲取用戶安全憑證(例如密碼)的訪問權限來驗證用戶。CAS 這個名稱也指一個實現這個協議的軟件包。
嘗試登入 WordPress 的用戶將被重新導向到中央 CAS 登入畫面。用戶的憑證驗證通過後,用戶將被重新導向回到 WordPress 網站。如果 CAS 的用戶名稱與 WordPress 用戶名稱匹配,則認可該用戶是有效的並允許存取。
用戶的權限授權基於原生 WordPress 設置和功能。CAS 只驗證用戶是一個真實存在的使用者。
如果 CAS 用戶沒有 WordPress 帳戶,則可以調用由管理員定義的函數來生成帳戶或執行其他操作。預設情況下,CAS 用戶若沒有 WordPress 帳戶將被拒絕存取。
外掛標籤
開發者團隊
原文外掛簡介
wpCAS integrates WordPress into an established CAS architecture, allowing centralized management and authentication of user credentials in a heterogeneous environment.
From Wikipedia:
The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to log into multiple applications simultaneously and automatically. It also allows untrusted web applications to authenticate users without gaining access to a user’s security credentials, such as a password. The name CAS also refers to a software package that implements this protocol.
Users who attempt to login to WordPress are redirected to the central CAS sign-on screen. After the user’s credentials are verified, s/he is then redirected back to the WordPress site. If the CAS username matches the WordPress username, the user is recognized as valid and allowed access.
Authorization of that user’s capabilities is based on native WordPress settings and functions. CAS only authenticates that the user is who s/he claims to be.
If the CAS user does not have an account in the WordPress site, an administrator defined function can be called to provision the account or do other actions. By default, CAS users without WordPress accounts are simply refused access.
