Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (
Help us improve Python packaging - Donate today!

Implementation of mod_auth_pubtkt as Django middleware

Project Description

# django-auth-pubtkt

Author: Alexander Vyushkov

Implementation of mod_auth_pubtkt: a pragmatic Web Single Sign-On (SSO) solution as Django middleware.
This version was tested on Python == 2.7, Django == 1.11

It is incompatible with previous versions (use django-auth-pubtkt==1.1.2 for Django 1.5)

Please refer to for additional details.

# Installation from GitHub

pip install git+git://

# Installation:

django-auth-pubtkt uses M2Crypto library. Installation instructions for
different platforms are below.
When M2Crypto is installed, django-auth-pubtkt can be installed using pip
pip install django-auth-pubtkt
or using setuptools
./ install

# Windows

Use binary package available on

# RedHat 7 + Python 3.5

I got "Failed building wheel for m2crypto" when used "pip install m2crypto" command.
The library was installed successfully, and all tests passed, somehow.

# CentOS 6/RedHat 6/Fedora

Fedora Core (and RedHat, CentOS etc.) have made changes to OpenSSL
configuration compared to many other Linux distributions. If you can not
build M2Crypto normally, try the script included with
M2Crypto sources.

pip install --download=/tmp M2Crypto==0.21.1
cd /tmp
tar -zxf /tmp/M2Crypto-0.21.1.tar.gz
cd M2Crypto-0.21.1
./ install
python test

Note that test is required in some cases to fix "ImportError: No module named __m2crypto" error.
lease refer to for additional details

CentOS 7/RedHat 7 should be fine

# Configuration

Add 'django_auth_pubtkt.middleware.DjangoAuthPubtkt' to MIDDLEWARE (Django 1.11+)

* Change LOGIN_URL to "/sso/"
* Set TKT_AUTH_LOGIN_URL to the address of SSO login page
* Add piece of code below to

from django.conf.urls import url
from django_auth_pubtkt.views import redirect_to_sso

urlpatterns = [
# ...
url('^sso/', redirect_to_sso),
# ...


Change LOGIN_URL to the address of SSO login page.
Configure your SSO to use 'next' as redirect field name.


use @method_decorator(login_required(redirect_field_name="back"))

# Configuration variables (

Default: None
Filename of DSA public key in .pem format. It is used to verify ticket signature.

Default: "auth_pubtkt"
Name of the authentication cookie to use.

Default: False
Treat tokens as group names. Create groups if they don't exist yet.

Default: None
URL that users without a valid ticket will be redirected to

Default: "back"
Name of the GET argument with the originally requested URL (when redirecting to the login page)

Default: True
Add AnonymousUser object if no auth_pubtkt cookie is found. If set, django_auth_pubtkt can be used as a replacement to AuthenticationMiddleware.
If disabled, AuthenticationMiddleware and django_auth_pubtkt can be used together.

Release History

This version
History Node


History Node


History Node


History Node


History Node


History Node


History Node


History Node


Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, Size & Hash SHA256 Hash Help File Type Python Version Upload Date
(19.0 kB) Copy SHA256 Hash SHA256
Egg 2.7 Mar 10, 2018
(7.7 kB) Copy SHA256 Hash SHA256
Source None Mar 10, 2018
(239.0 kB) Copy SHA256 Hash SHA256
Windows Installer any Mar 10, 2018

Supported By

Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Google Google Cloud Servers