https://github.com/uhm-coe/authorizer

Authorizer is a WordPress plugin that uses Google, CAS, LDAP, or an OAuth2 provider for logins, and can prevent public access to a WordPress site. It also blocks repeated failed login attempts.
https://github.com/uhm-coe/authorizer

authentication cas ldap login oauth2 sso wordpress wordpress-plugin

Last synced: 3 months ago
JSON representation

Authorizer is a WordPress plugin that uses Google, CAS, LDAP, or an OAuth2 provider for logins, and can prevent public access to a WordPress site. It also blocks repeated failed login attempts.

• Host: GitHub
• URL: https://github.com/uhm-coe/authorizer
• Owner: uhm-coe
• License: gpl-3.0
• Created: 2014-06-03T21:39:55.000Z (about 12 years ago)
• Default Branch: master
• Last Pushed: 2025-12-19T20:50:24.000Z (6 months ago)
• Last Synced: 2026-01-14T01:46:39.223Z (5 months ago)
• Topics: authentication, cas, ldap, login, oauth2, sso, wordpress, wordpress-plugin
• Language: PHP
• Homepage:
• Size: 27.4 MB
• Stars: 72
• Watchers: 15
• Forks: 46
• Open Issues: 15
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Authorizer

* WordPress Plugin: [https://wordpress.org/plugins/authorizer/][wp]

* Changelog: [https://github.com/uhm-coe/authorizer/blob/master/readme.txt][changelog]

*Authorizer* is a WordPress plugin that restricts access to specific users, typically students enrolled in a university course. It maintains a list of approved users that you can edit to determine who has access. It also replaces the default WordPress login/authorization system with one relying on an external server, such as Google, CAS, LDAP, OAuth2, or an OIDC provider. Finally, *Authorizer* lets you limit invalid login attempts to prevent bots from compromising your users' accounts.

*Authorizer* requires the following:

* **CAS server** or **LDAP server** (plugin needs the URL)

* PHP extensions: php-ldap, php-curl, php-dom

*Authorizer* provides the following options:

* **Authentication**: WordPress accounts; Google accounts; CAS accounts; LDAP accounts; OAuth2 accounts; OIDC (OpenID Connect) accounts

* **Login Access**: All authenticated users (all local and all external can log in); Only specific users (all local and approved external users can log in)

* **View Access**: Everyone (open access); Only logged in users

* **Limit Login Attempts**: Progressively increase the amount of time required between invalid login attempts.

* **Shortcode**: Use the `[authorizer_login_form]` shortcode to embed a wp_login_form() outside of wp-login.php.

## Screenshots

![](assets/screenshot-1.png?raw=true "WordPress Login screen with Google Logins and CAS Logins enabled.")

![](assets/screenshot-2.png?raw=true "Authorizer Dashboard Widget.")

![](assets/screenshot-3.png?raw=true "Authorizer Options: Access Lists.")

[wp]: https://wordpress.org/plugins/authorizer/

[changelog]: https://github.com/uhm-coe/authorizer/blob/master/readme.txt