More Google Apps as OpenID for Wordpress
After a long session going around in circles, I think I have cracked this particular nut!
Yes indeed – I now have been able to create accounts on a Wordpress site, hook those accounts up to use a GAFYD as OpenID to log in to Wordpress using the same credentials as the email hosted at Google (under a custom domain.)
Phew.
How does it work? I’m glad I asked!
The key part of the puzzle was to use the Janrain Wordpress plugin that uses RPX discovery. Yeah, ‘RPX discovery’ sounds like gibberish but it is really important. Google have created their own discovery mechanism (read about it from the creator of the WP OpenID plugin) which just makes things just a little more difficult from our point of view.
In any case, once the RPX plugin is installed it will prompt you to create an account at http://rpxnow.com/ which is both painless and takes only seconds.
Next we will have to manually set the users up in Wordpress. So create your new Wordpress user, make a password (and yes, you do still need a strong password here because it remains a way to login to your Wordpress site for the users.) I chose not to email the password out to the user, as the goal here is to present a single sign on solution.
Moving along – log yourself out of Wordpress and log back in as the new user you just created. Navigate to the Profile panel for that user in the Administration area. The URL will be something like http://www.yourdomain.com/wp-admin/profile.php Down the bottom of that screen you’ll see an area to select a Sign-in Provider. The key is to select OpenID, then enter the base URL for your domain that is active at Google apps. So you would type http://yourdomain.com in.
Finally you’ll have to sign-in using that OpenID to create the link between this user account on your Wordpress install and the account at Google apps which is the single sign on account we want our users to use.
The first time I went around the OpenID authentication I was returned to the from page of my blog with some errros on screen. Ignoring those and going back to the /wp-admin page seems to work fine. For some reason it works out fine after that.
So there you have my solution to use the credentials of your user’s email accounts hosted by Google Apps For Your Domain (GAFYD) to log into a Wordpress blog. Feedback is more than welcome, comments, tweaks, suggestions all. Get connecting!
P.S. A friend of mine has found a differing solution, Wordpress.com for your domain – where you host your website at Wordpress.com, still allowing Google to handle your email with GAFYD. This does not offer a single sign on, however you do get a website plus email for only $US10 per year. Great work Jodie!
Posted
on
Saturday, November 28th, 2009 at 3:10 am under
Thanks for the “manual” – however, isn’t is much more simple if you have your Google Apps hosted domain users log in simply with their account? This way they actually create their own profile without any admin interaction or preparation, so it’s not only easier but safer, and the user has more control.
June 14th, 2010 at 10:00 pmIntriguing. I’ll have to try it.
This is for some courses I’m teaching. I’d like to provide SSO between BuddyPress and Moodle (at a minimum) along with Google Apps and TikiWiki (if possible). This all sounds like a neat workaround since it doesn’t require setting up my own authentication method. (Moodle has some integration with Google Apps and TikiWiki accepts OpenID, so we might be ok.)
However, it does require a few minutes per user, AFAICT. Not too much of a problem with a limited number of students, but it’s probably not scaleable.
So, to reiterate… For each user, I need to:
* Create a GAYD account (seems like the Moodle integration does this).
* Keep the login info somewhere.
* Create a new WP account.
* Log into WP as that user.
* Add OpenID.
* Log into that user’s GAYD account.
* Log into WP using OpenID.
A bit convoluted, but if it works, it’s nice. In fact, I might let students use their authentication method, offering them some help along the way. Although, typically, that ends up eating into much of my time since I get lots of support question, distracting us from the course material.
At any rate, thanks a lot for this post!
July 3rd, 2010 at 1:11 pm