Title: [Plugin: simpleSAMLphp Authentication] WordPress login not completely disabled (plugin version 0.63) Last modified: August 20, 2016 --- # [Plugin: simpleSAMLphp Authentication] WordPress login not completely disabled (plugin version 0.63) * [s_groening](https://wordpress.org/support/users/s_groening/) * (@s_groening) * [14 years, 2 months ago](https://wordpress.org/support/topic/plugin-simplesamlphp-authentication-wordpress-login-not-completely-disabled-plugin-version-063/) * I’m experiencing an issue that has required med to hack the ‘wp-login.php’ file to stop WordPress from requiring re-authentication upon redirection to the WordPress Admin Area (/wp-admin/). * Whenever I get logged in to my SAML2 IdP I return to the WordPress site, but instead of logging me in without requiring further username and password, I get to the WordPress login form and the only thing to do is to manually edit the location from [https://server.example.com/wp-login.php?redirect_to=https%3A%2F%2Fserver.example.com%2Fwp-admin%2F&reauth=1](https://server.example.com/wp-login.php?redirect_to=https%3A%2F%2Fserver.example.com%2Fwp-admin%2F&reauth=1) to [https://server.example.com/wp-admin](https://server.example.com/wp-admin) and it works … * What I did was to change this line (line #560 of wp-login.php): * `$reauth = empty($_REQUEST['reauth']) ? false : true;` * To: * `$reauth = empty($_REQUEST['reauth']) ? false : false;` * Now, the hack is simple, in the fact that I only need to turn off the reauth bit of the puzzle, basically by always leaving this set to ‘false’ and instead I rely on my simpleSAMLphp SP and IdP to require authentication which in turn is trusted by WordPress, leaving me with a smooth ride … * Could this somehow be corrected? I know [http://rnd.feide.no](http://rnd.feide.no) has it working, but I’ve never actually heard from those guys, if they’ve done the same as I’ve done in terms of changing this single line in wp-login.php …- And, is this an issue for others as well? * Otherwise G R E A T plugin! Hugely important to me, thank you! * Best regards, * Søren Grønning * [http://wordpress.org/extend/plugins/simplesamlphp-authentication/](http://wordpress.org/extend/plugins/simplesamlphp-authentication/) The topic ‘[Plugin: simpleSAMLphp Authentication] WordPress login not completely disabled (plugin version 0.63)’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/simplesamlphp-authentication.svg) * [simpleSAMLphp Authentication](https://wordpress.org/plugins/simplesamlphp-authentication/) * [Frequently Asked Questions](https://wordpress.org/plugins/simplesamlphp-authentication/#faq) * [Support Threads](https://wordpress.org/support/plugin/simplesamlphp-authentication/) * [Active Topics](https://wordpress.org/support/plugin/simplesamlphp-authentication/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/simplesamlphp-authentication/unresolved/) * [Reviews](https://wordpress.org/support/plugin/simplesamlphp-authentication/reviews/) * 0 replies * 1 participant * Last reply from: [s_groening](https://wordpress.org/support/users/s_groening/) * Last activity: [14 years, 2 months ago](https://wordpress.org/support/topic/plugin-simplesamlphp-authentication-wordpress-login-not-completely-disabled-plugin-version-063/) * Status: not resolved