In a company we want to implement an SSO solution for our customers. We have 4 different portals - Jira, 2 WordPress websites and Joomla website and OpenLDAP as a user directory. Our choice fell on Shibboleth provider and we have already tried to connect it with one of the WordPress websites. Shibboleth provides a unified user login form which looks fine, but I don't understand what is a proper way to registrate users on WordPress websites (or others).
One thing that came up to me is creating a new unified page with registration form, but I don't understand why Shibboleth doesn't provide this option and it leads me to concerns that it may have drawbacks. Searching on the internet didn't provide me any answer and it only intensified my concerns.
I've heard that it might be insecure to allow usual users to register in your OpenLDAP directory, and I wonder if it is a main concern and why nobody speaks about user registration via Shibboleth. So, what are appropriated solutions to user registration for infrastructure with WordPress, SSO and OpenLDAP?
Thank you for your feedback.
