Override the WordPress default login action

Write the following to your functions.php-file:

// this action is executed just before the invocation of the WordPress authentication process
add_action('wp_authenticate','checkTheUserAuthentication');

function checkTheUserAuthentication() {

     $username=$_POST['log'];
     $password=$_POST['pwd'];

    // try to log into the external service or database with username and password
    $ext_auth = try2AuthenticateExternalService($username,$password);

    // if external authentication was successful
    if($ext_auth) {

         // find a way to get the user id
         $user_id = username_exists($username);
         // userdata will contain all information about the user
         $userdata = get_userdata($user_id);
         $user = set_current_user($user_id,$username);

         // this will actually make the user authenticated as soon as the cookie is in the browser
         wp_set_auth_cookie($user_id);
         // the wp_login action is used by a lot of plugins, just decide if you need it
        do_action('wp_login',$userdata->ID);

        // you can redirect the authenticated user to the "logged-in-page", define('MY_PROFILE_PAGE',1); f.e. first
        header("Location:".get_page_link(MY_PROFILE_PAGE));
    }

}

Note that this script will login your useres totally without using their passwords, so use it carefully.

If you experience any problems with this way of authentication, make sure that the Cookies in the Browser are set and sent properly – make sure that setcookie() in wp-includes/pluggable.php uses all parameters of the setcookie()-function correctly. Especially check the values for COOKIE_DOMAIN, COOKIEPATH and SITECOOKIEPATH as we had and issue with that.