Re: Auto-login with REMOTE_USER

Tue, 05 Dec 2006 08:20:16 -0800 

Thanks, Brian and Ivan! The CAS example was helpful in figuring things
out. Turns out the solution was simple, but the Django documentation
was not as much help as I would have liked -- I guess because, again,
the general assumption is that Django is going to handle the
authentication credentials (username and password) via a login form
submitted to Django. In my case, the real authentication is handled in
Apache prior to Django entering the picture (i.e., an Apache module
handles redirecting the client to login form, etc.).

So, the heart of the solution was in the middleware piece:

def process_request(self, request):
        # AuthenticationMiddleware is required to create request.user
        error = """The Django RemoteUserAuth middleware requires
authentication middleware to be installed. Edit your MIDDLEWARE_CLASSES
setting to insert
'django.contrib.auth.middleware.AuthenticationMiddleware' *before* the
RemoteUserMiddleware class."""
        assert hasattr(request, 'user'), error
        if request.user.is_anonymous():
                user = authenticate(username=request.META['REMOTE_USER'])
                if user is not None:
                        request.user = user    # set request.user to the 
authenticated user
                        login(request, user)   # auto-login the user to Django
        return None

The authentication backend just gets the user object by username:

def authenticate(self, username, password=None):
        """
        Authenticate user - RemoteUserAuth middleware passes REMOTE_USER
        as username. password param is not used, just added in case :)
        """
        user = None
        if username:
                try:
                        user = User.objects.get(username=username)
                except User.DoesNotExist:
                        # Auto-create user
                        if settings.REMOTE_USER_AUTH_AUTO_CREATE:
                                # We'll create a password, but it won't be used
                                password = User.objects.make_random_password()
                                # TODO: add LDAP lookup here
                                user = User.objects.create_user(username, '', 
password)
                                user.is_staff = True
                                user.save()
        return user


--~--~---------~--~----~------------~-------~--~----~
 You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to