Ross Vandegrift a écrit : > On Wed, Dec 16, 2009 at 04:53:49PM +0100, Thomas Bellembois wrote: > >> What is the best way to user CAS authentication with Pylon ? >> I tried to use pycas (http://www.ja-sig.org/wiki/display/CASC/Pycas) >> putting the four lines in one of my controllers but this led to server >> errors. >> > > I never found an easy to use, ready to go Python module. It was > pretty easy to roll my own - CAS is pretty trivial. I have an > authentication controller that users are redirected to if they do not > have a properly authenticated session. The CAS interaction looks > like: > > ----- > if not request.params.has_key("ticket"): > url = "%s/login?service=%s" % (config.get('casurl'), > urllib.quote(config.get('appurl'))) > return redirect(url, code=307) > else: > url = "%s/validate?service=%s&ticket=%s" % (config.get('casurl'), > urllib.quote(config.get('appurl')), request.params["ticket"]) > (response, username) = urllib.urlopen(url).readlines() > if response.strip() == "no": > url = "%s/login?service=%s" % (config.get('casurl'), > urllib.quote(config.get('appurl'))) > return redirect(url, code=307) > ----- > > In my config, the variables look like this: > > casurl = https://cas-host/ > appurl = https://myapp/auth/ > > If the user passes CAS and falls through the above code, my app sets > them up a session with the appropriate authorization details. > > On the official CAS server, you'll need to do a bit more elaborate > parsing of the response - the above works with RubyCAS, which > implements different responses. > > Authorization is then done with the username against an LDAP > directory. CAS is purely for authentication. > > Ross > > Thanks a lot for this answer Ross. I will try this.
Regards, Thomas -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
