This article assumes that the reader has knowledge on WordPress and Central Authentication Service.

Today I was trying WordPress to authenticate itself from a CAS server. I found out that WordPress has a CAS plugin which is built upon the phpCAS library.

My CAS server is a Ruby CAS server., and I have an AMP setup up with the wordpress (ver. 2.6), phpCAS (ver. 0.60-1), WordPress CAS plugin (ver. 2.2 ) and latest version of Pear::DB. ( I know … I have filled it up in one line, but its easy if you follow the docs! )

After activating the CAS plugin, I had a huge amount warnings and errors on my browser. Most of them were solved after giving them proper permissions. And resolving the libraries the respective components needs.

Then, depending on your CAS Server’s SSL configuration, you need to edit “client.php” of phpCAS to allow https or http alone.

Then it worked fine, but WordPress would not login as it did create the cookie for the user. I went through the previous versions of the same plugin and found that wordpress has a function called wp_setcookie which can be called to set the cookie for a user.

The patch created by me modifies the WordPress plugin to explicitly set a cookie, if a user was granted a ticket from the CAS server. Note that, the older versions of the same plugin had the set_cookie code, but I could not find a changelog for the same.

If any one else have any other experiences with WordPress and CAS, I’d love to hear their experiences as well.