I need to completely replace WP’s login form with the login form of an external service.
The actions and filters I’ve found (eg login_form, login_head) seem to rely on WP’s login process starting. I suppose I could do a redirect from here, but is there a cleaner way of sending a user to another URL if they attempt to browse to a WordPress login page.
Short and simple: No. You’ll find a lot of stuff for wp-login.php on trac, but it seems that it won’t change.
I’m working through how I’m doing this over on this question: SSO / authentication integration with external ‘directory service’
In WordPress 3.2 you can hook in
login_initand redirect from there.