forked from Baguage/django-auth-pubtkt
-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
74 lines (60 loc) · 2.42 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
==================================================
django-auth-pubtkt
==================================================
Author: Alexander Vyushkov
Implementation of mod_auth_pubtkt: a pragmatic Web Single Sign-On (SSO) solution as Django middleware.
This version was tested on Python == 2.7, Django == 1.5
Please refer to https://neon1.net/mod_auth_pubtkt/index.html for additional details.
==================================================
Installation:
==================================================
django-auth-pubtkt uses M2Crypto library. Installation instructions for
different platforms are below.
When M2Crypto is installed, django-auth-pubtkt can be installed using pip
pip install django-auth-pubtkt
or using setuptools
./setup.py install
Windows
==================================================
Use binary package available on http://chandlerproject.org/Projects/MeTooCrypto#Downloads
CentOS/RedHat/Fedora
==================================================
Fedora Core (and RedHat, CentOS etc.) have made changes to OpenSSL
configuration compared to many other Linux distributions. If you can not
build M2Crypto normally, try the fedora_setup.sh script included with
M2Crypto sources.
pip install --download=/tmp M2Crypto
cd /tmp
tar -zxf /tmp/M2Crypto-0.21.1.tar.gz
cd M2Crypto-0.21.1
./fedora_setup.sh install
==================================================
Configuration
==================================================
Add 'django_auth_pubtkt.DjangoAuthPubtkt' to MIDDLEWARE_CLASSES
Change LOGIN_URL to "/sso/"
Set TKT_AUTH_LOGIN_URL to the address of SSO login page
Add piece of code below to urls.py
from django_auth_pubtkt.views import redirect_to_sso
url('^sso/', redirect_to_sso),
OR
Change LOGIN_URL to the address of SSO login page
Configure your SSO to use 'next' as redirect field name
or
use @method_decorator(login_required(redirect_field_name="back"))
Configuration variables (settings.py)
TKT_AUTH_PUBLIC_KEY
Default: None
Filename of DSA public key in .pem format. It is used to verify ticket signature.
TKT_AUTH_COOKIE_NAME
Default: "auth_pubtkt"
Name of the authentication cookie to use.
TKT_AUTH_USE_GROUPS
Default: False
Treat tokens as group names. Create groups if they don't exist yet.
TKT_AUTH_LOGIN_URL
Default: None
URL that users without a valid ticket will be redirected to
TKT_AUTH_BACK_ARG_NAME
Default: "back"
Name of the GET argument with the originally requested URL (when redirecting to the login page)