Implementation of mod_auth_pubtkt as Django middleware
Author: Alexander Vyushkov
Implementation of mod_auth_pubtkt: a pragmatic Web Single Sign-On (SSO) solution as Django middleware. This version was tested on Python == 2.7, Django == 1.5
Please refer to https://neon1.net/mod_auth_pubtkt/index.html for additional details.
django-auth-pubtkt uses M2Crypto library. Installation instructions for different platforms are below. When M2Crypto is installed, django-auth-pubtkt can be installed using pip pip install django-auth-pubtkt or using setuptools ./setup.py install
Use binary package available on http://chandlerproject.org/Projects/MeTooCrypto#Downloads
Fedora Core (and RedHat, CentOS etc.) have made changes to OpenSSL configuration compared to many other Linux distributions. If you can not build M2Crypto normally, try the fedora_setup.sh script included with M2Crypto sources.
pip install –download=/tmp M2Crypto==0.21.1 cd /tmp tar -zxf /tmp/M2Crypto-0.21.1.tar.gz cd M2Crypto-0.21.1 ./fedora_setup.sh install python setup.py test
Note that setup.py test is required in some cases to fix “ImportError: No module named __m2crypto” error. lease refer to http://stackoverflow.com/questions/4773659/cant-install-a-python-package for additional details
Add ‘django_auth_pubtkt.DjangoAuthPubtkt’ to MIDDLEWARE_CLASSES Change LOGIN_URL to “/sso/” Set TKT_AUTH_LOGIN_URL to the address of SSO login page Add piece of code below to urls.py from django_auth_pubtkt.views import redirect_to_sso url(‘^sso/’, redirect_to_sso),
OR Change LOGIN_URL to the address of SSO login page Configure your SSO to use ‘next’ as redirect field name or use @method_decorator(login_required(redirect_field_name=”back”))
Configuration variables (settings.py)
TKT_AUTH_PUBLIC_KEY Default: None Filename of DSA public key in .pem format. It is used to verify ticket signature.
TKT_AUTH_COOKIE_NAME Default: “auth_pubtkt” Name of the authentication cookie to use.
TKT_AUTH_USE_GROUPS Default: False Treat tokens as group names. Create groups if they don’t exist yet.
TKT_AUTH_LOGIN_URL Default: None URL that users without a valid ticket will be redirected to
TKT_AUTH_BACK_ARG_NAME Default: “back” Name of the GET argument with the originally requested URL (when redirecting to the login page)
TKT_AUTH_ANONYMOUS_USER Default: True Add AnonymousUser object if no auth_pubtkt cookie is found. If set, django_auth_pubtkt can be used as a replacement to AuthenticationMiddleware. If disabled, AuthenticationMiddleware and django_auth_pubtkt can be used together.
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|Filename, size & hash SHA256 hash help||File type||Python version||Upload date|
|django-auth-pubtkt-1.1.2.win32.exe (208.4 kB) Copy SHA256 hash SHA256||Windows Installer||any||Feb 2, 2014|
|django-auth-pubtkt-1.1.2.zip (12.8 kB) Copy SHA256 hash SHA256||Source||None||Feb 2, 2014|