Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (
Help us improve Python packaging - Donate today!

Implementation of mod_auth_pubtkt as Django middleware

Project Description


Author: Alexander Vyushkov

Implementation of mod_auth_pubtkt: a pragmatic Web Single Sign-On (SSO) solution as Django middleware. This version was tested on Python == 2.7, Django == 1.5

Please refer to for additional details.


django-auth-pubtkt uses M2Crypto library. Installation instructions for different platforms are below. When M2Crypto is installed, django-auth-pubtkt can be installed using pip pip install django-auth-pubtkt or using setuptools ./ install


Use binary package available on


Fedora Core (and RedHat, CentOS etc.) have made changes to OpenSSL configuration compared to many other Linux distributions. If you can not build M2Crypto normally, try the script included with M2Crypto sources.

pip install –download=/tmp M2Crypto==0.21.1 cd /tmp tar -zxf /tmp/M2Crypto-0.21.1.tar.gz cd M2Crypto-0.21.1 ./ install python test

Note that test is required in some cases to fix “ImportError: No module named __m2crypto” error. lease refer to for additional details


Add ‘django_auth_pubtkt.DjangoAuthPubtkt’ to MIDDLEWARE_CLASSES Change LOGIN_URL to “/sso/” Set TKT_AUTH_LOGIN_URL to the address of SSO login page Add piece of code below to from django_auth_pubtkt.views import redirect_to_sso url(‘^sso/’, redirect_to_sso),

OR Change LOGIN_URL to the address of SSO login page Configure your SSO to use ‘next’ as redirect field name or use @method_decorator(login_required(redirect_field_name=”back”))

Configuration variables (

TKT_AUTH_PUBLIC_KEY Default: None Filename of DSA public key in .pem format. It is used to verify ticket signature.

TKT_AUTH_COOKIE_NAME Default: “auth_pubtkt” Name of the authentication cookie to use.

TKT_AUTH_USE_GROUPS Default: False Treat tokens as group names. Create groups if they don’t exist yet.

TKT_AUTH_LOGIN_URL Default: None URL that users without a valid ticket will be redirected to

TKT_AUTH_BACK_ARG_NAME Default: “back” Name of the GET argument with the originally requested URL (when redirecting to the login page)

TKT_AUTH_ANONYMOUS_USER Default: True Add AnonymousUser object if no auth_pubtkt cookie is found. If set, django_auth_pubtkt can be used as a replacement to AuthenticationMiddleware. If disabled, AuthenticationMiddleware and django_auth_pubtkt can be used together.

Release History

Release History

This version
History Node


History Node


History Node


History Node


History Node


History Node


Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
django-auth-pubtkt-1.1.2.win32.exe (208.4 kB) Copy SHA256 Checksum SHA256 any Windows Installer Feb 2, 2014 (12.8 kB) Copy SHA256 Checksum SHA256 Source Feb 2, 2014

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting