Skip to main content

Implementation of mod_auth_pubtkt as Django middleware

Project description


Author: Alexander Vyushkov

Implementation of mod_auth_pubtkt: a pragmatic Web Single Sign-On (SSO) solution as Django middleware. This version was tested on Python == 2.7, Django == 1.5

Please refer to for additional details.


django-auth-pubtkt uses M2Crypto library. Installation instructions for different platforms are below. When M2Crypto is installed, django-auth-pubtkt can be installed using pip pip install django-auth-pubtkt or using setuptools ./ install


Use binary package available on


Fedora Core (and RedHat, CentOS etc.) have made changes to OpenSSL configuration compared to many other Linux distributions. If you can not build M2Crypto normally, try the script included with M2Crypto sources.

pip install –download=/tmp M2Crypto==0.21.1 cd /tmp tar -zxf /tmp/M2Crypto-0.21.1.tar.gz cd M2Crypto-0.21.1 ./ install python test

Note that test is required in some cases to fix “ImportError: No module named __m2crypto” error. lease refer to for additional details


Add ‘django_auth_pubtkt.DjangoAuthPubtkt’ to MIDDLEWARE_CLASSES Change LOGIN_URL to “/sso/” Set TKT_AUTH_LOGIN_URL to the address of SSO login page Add piece of code below to from django_auth_pubtkt.views import redirect_to_sso url(‘^sso/’, redirect_to_sso),

OR Change LOGIN_URL to the address of SSO login page Configure your SSO to use ‘next’ as redirect field name or use @method_decorator(login_required(redirect_field_name=”back”))

Configuration variables (

TKT_AUTH_PUBLIC_KEY Default: None Filename of DSA public key in .pem format. It is used to verify ticket signature.

TKT_AUTH_COOKIE_NAME Default: “auth_pubtkt” Name of the authentication cookie to use.

TKT_AUTH_USE_GROUPS Default: False Treat tokens as group names. Create groups if they don’t exist yet.

TKT_AUTH_LOGIN_URL Default: None URL that users without a valid ticket will be redirected to

TKT_AUTH_BACK_ARG_NAME Default: “back” Name of the GET argument with the originally requested URL (when redirecting to the login page)

TKT_AUTH_ANONYMOUS_USER Default: True Add AnonymousUser object if no auth_pubtkt cookie is found. If set, django_auth_pubtkt can be used as a replacement to AuthenticationMiddleware. If disabled, AuthenticationMiddleware and django_auth_pubtkt can be used together.

Project details

Release history Release notifications

History Node


History Node


This version
History Node


History Node


History Node


History Node


History Node


History Node


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
django-auth-pubtkt-1.1.2.win32.exe (208.4 kB) Copy SHA256 hash SHA256 Windows Installer any Feb 2, 2014 (12.8 kB) Copy SHA256 hash SHA256 Source None Feb 2, 2014

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page