Atlassian Crowd integration for Django with SSO
Project description
django-crowd-sso 
Simple Atlassian CROWD authentication backend for Django with SSO support
Configuration:
Put a CROWD configuration in your settings.py:
CROWD = {
'url': 'http://your.crowd.url:port/crowd/rest', # your CROWD rest API url
'app_name': 'your-registered-crowd-application-name', # appname, registered with CROWD
'password': 'application-password', # correct password for provided appname
'superuser': False, # if True makes CROWD-imported users superusers
'staffuser': False, # if True makes CROWD-imported users staffuser
'validation':'10.11.40.34', # The ipaddress the Crowd server is responding to
'sso': False, # TRurn on SSO
'blocked_creation_domains': ['@example.org'], # Domains not allowed to be created in the local db
'crowd_group': 'CrowdUser', # Group that all imported users are placed in
'DTS_not_use_public_schema': False # If DTS is installed don't save users and groups in Public schema
}
Add crowd.CrowdBackend in your AUTHENTICATION_BACKENDS settings list. Put it first so that password are only kept in CROWD:
AUTHENTICATION_BACKENDS = (
'crowd.backends.CrowdBackend'
'django.contrib.auth.backends.ModelBackend',
)
Add crowd.middleware.CrowdMiddleware to the Middleware
MIDDLEWARE_CLASSES = (
...
'crowd.middleware.CrowdMiddleware',
...
)
AUTHENTICATION_BACKENDS list to make sure you always start with crowd authentication before falling over to a local account.
simple test: py.test
Tox test: tox
test currently does not cover the SSO
Release Notes
Version 0.57
Added support for Django Tenant Schema (django-tenant-schemas) Will create crowd_group in the public schema if DTS is installed, unless setting NotPublicSchema == True
Version 0.56
Add users “Pulled” from crowd to the group defined in crowd_group, default “CrowdUser” New setting ‘disallowed_creation_domains’: [‘@wfp.org’]
New For version 0.52
Added disallowed emails to the import first version hardcoded @example.org, will be a setting in future
any email with @wfp.org but not in crowd will be in the disallowed list
example of use
User with email a@b.c is already user ‘a’ in the local db as a django created user
User with email b@c.c is already user ‘b’ in the local db as a imported user from Crowd
User with email c@a.b is no already user in the local db but exists in Crowd so it will be imported as user ‘c’
User with email d@e.f is not in local db nor in Crowd
User with email e@example.org has a domain that is on the disallowed list
from crowd.backends import import_users_from_email_list
emails = ["a@b.c", "b@c.c", "c@a.b", "d@e.f","e@example.org"]
added_or_found, not_found, not_alowed = import_users_from_email_list(emails)
print(added_or_found)
print(not_found)
print(not_allowed)
Resulting printout:
['a','b','c'] ['d@e.f'] ['e@example.org']
Credits:
Originally written for Django v1.3 by Konstantin J. Volkov konstantin-j-volkov@yandex.ru at 12.07.2012
Refactored, put together and tested with Django v1.4 by Grigoriy Beziuk gbezyuk@gmail.com at 27.08.2012
Refactored, updated for Django 1.9 and added SSO and other features by Tobias Carlander tobias.carlander@wfp.org at 2015/03/25
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django_crowd_sso-0.58-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ac32c8287a5fa10fcf8ed445fb9cadd94ec8a36d2ddc72250f5897d8de51e4ff |
|
| MD5 | b51a7084493a2dbad098b58633435afc |
|
| BLAKE2b-256 | d0716eb6aaa0cfbe6a6af00f9f68ec2f3c058e0d6cb69ab866b531e8f6c4f304 |
