We've set the $CFG->alternateloginurl variable, but this now stops manual login working. There must be a way to do this, but I can't find anything?
I don't think there is. That is why there is the warning to make sure that you have the alternate login working so that you don't lock yourself out! If you are using alternate login, why do you need manual as well?
We need guest access (for some information pages), manual (for some 3rd-party users of access to some materials on our moodle), and shibboleth for staff and students.
We got around the above issue by cloning the login page, and having one that didn't check for the presence of that setup variable (hence calling it manual.php).
But that was no help if accessing it as a guest/manual account from an email etc link to a specific page/resource (they got the shibboleth page regardless).
We've actually switched all users (by myself and another developer) to ldap - our plan is to write a new login page which has the intelligence that should really be baked in to the existing one...
1) Ask the user if they want guest access OR to login with a username/password
2) If entering a username, present username box
3) Once they've tabbed away from the username box, lookup that username in the mdl_user table for the auth type...
IF they are shibboleth...redirect them to the shibboleth login page (making sure the wantsurl variable is passed on)
OR if they are manual, just reveal the password box / submit button
Oh that makes sense. And I am guessing that Moodle does not query shibboleth from the standard login page like it does other authentication methods? That would be handy!
Guest access you could always fix by not requiring guest login.
I know that Shibboleth and manual logins go together "out of the box".