Shibboleth at NC State » Technical Documentation » Using Shibboleth with Wordpress » Shibboleth Plugin Installation

Shibboleth Plugin Installation

This document is old and may be out of date. We recommend that you use one of the NCSU Plugins for campus logins instead.

Download the plugin files

We will be installing a copy of the standard WordPress Shibboleth plugin. The copy we developed contains a few small changes to ensure the code will run in all of our PHP hosting environments. You are welcome to use the official version over our copy, but be warned that it may break with some planned PHP upgrades that we will be making in OIT.

Get the modified copy

  1. Click this link to download the modified
  2. Unzip the file to create a directory named "shibboleth" containing all of the plugin files.
  3. Move or upload the shibboleth directory to your wp-content/plugins directory.

This copy can also be viewed directly on github. See the github cjbnc/shibboleth repo. There you can easily review the modifications to the official source.

If you prefer the standard copy

  1. Go to the Shibboleth plugin page at WordPress.
  2. Find the button on the right side labeled "Download version 1.6". Click that to download
  3. Unzip the file to create a directory named "shibboleth" containing all of the plugin files.
  4. Move or upload the shibboleth directory to your wp-content/plugins directory.
  5. Double check your User Profile Data settings below if you are running on a redirected version of PHP.

Activate the plugin

  1. Login to your site and an administrator and go to your Dashboard.
  2. Click the menu to open the Plugins page.
  3. You should see an entry for the Shibboleth plugin. Click on the Activate link to turn it on.

Now, the documentation for the plugin will tell you that Shibboleth needs to be configured to use lazy sessions. It will also try to configure lazy sessions in your .htaccess file. It will add these lines:

# BEGIN Shibboleth
AuthType shibboleth
Require shibboleth
# END Shibboleth

That should work correctly. If it failed to add those lines because of permissions, go ahead and put them into the .htaccess file manually.

Configure the plugin

While still on the Dashboard site, open the menu option Settings. There should be a new entry for Shibboleth, open that page. Now you should see the Shibboleth Options page, which contains three sections. This guide will cover the suggested settings for each section.

Shibboleth options

User Profile Data

These are the settings that you need to map our Shibboleth suggested [attribute mappings] to the entries used by the plugin.

If you check the "Managed" box next to each field, that field will always be copied from the Shibboleth login. The user will not be allowed to change that value on the WordPress account.

User Profile Data settings for redirected PHP

If you are running the standard plugin, and your PHP service is not using mod_php, you may have problems with these settings as written. The webserver may be changing your attribute mappings by adding 'REDIRECT_' to the front of the variables when they are passed. If this is the case on your server, use these variable names instead:

User Role Mappings

Our IdP doesn't pass entitlements that can be used for these settings. We do pass affiliations, but they are very broad categories that should probably not be used for most sites.

Once you've made all of your updates on this page, be sure to click the "Save Changes" button on the bottom of the page.

Testing the site

Common problems

Page not found for Shibboleth.sso handler