{ "info": { "author": "Matt Magin", "author_email": "matt.azmoo@gmail.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 3 - Alpha", "Environment :: Web Environment", "Framework :: Django :: 1.10", "Framework :: Django :: 1.11", "License :: OSI Approved :: MIT License", "Natural Language :: English", "Programming Language :: Python :: 3.3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3 :: Only", "Topic :: Internet :: WWW/HTTP :: WSGI :: Middleware", "Topic :: System :: Systems Administration :: Authentication/Directory :: LDAP" ], "description": "# django-auth-spnego\n\nThis project provides SPNEGO and Kerberos authentication to a django project. You can do this with apache\nor IIS and use Django's RemoteUser middleware for authentication but I don't use those web servers\nand others don't support it.\n\nThe actual authorization is done using a middleware that handles the kerberos negotiation and\nthe django user management and login handling implements the incredibly useful\n[django-auth-ldap](https://bitbucket.org/illocution/django-auth-ldap).\n\nThe hardest thing about getting this working is getting the kerberos set up properly between your\napplication server and the AD domain. Some docs for this are coming.\n\nIf your django project uses sessions for much other than authentication then this project\nmight not be for you, as the middleware will log a user out after the kerberos ticket\nhas expired (default 600 minutes) which destroys the entire session. You can change this\nbut then you have to figure out how you're going to destroy a session when the user's\nkerberos session ticket expires.\n\n### Prerequisites\n\n* An Active Directory Domain\n* A valid kerberos configuration on your application server\n* An SPN created for the user running the application server\n\n### Installing\n\nYou will need to add the following to your `settings.py` in your django project.\n\nAdd the middleware to django's `MIDDLEWARE` setting below the `AuthenticationMiddleware`.\nThe order of your middlware classes are important as django-auth-spnego requires `request.user`\nto be set by `AuthenticationMiddleware`. For example:\n\n```python\nMIDDLEWARE = [\n 'django.middleware.security.SecurityMiddleware',\n 'django.contrib.sessions.middleware.SessionMiddleware',\n 'django.middleware.common.CommonMiddleware',\n 'django.middleware.csrf.CsrfViewMiddleware',\n 'django.contrib.auth.middleware.AuthenticationMiddleware',\n 'authspnego.middleware.AuthSpnegoMiddleware',\n 'django.contrib.messages.middleware.MessageMiddleware',\n 'django.middleware.clickjacking.XFrameOptionsMiddleware',\n]\n```\n\nAdd the `LDAPBackend` to your `AUTHENTICATION_BACKENDS` setting:\n\n```python\nAUTHENTICATION_BACKENDS = (\n 'django_auth_ldap.backend.LDAPBackend',\n 'django.contrib.auth.backends.ModelBackend',\n)\n```\n\nAdd the SPNEGO specific settings. It's critical you get these values right or none of this will work:\n\n```python\nSPNEGO_REALM = 'LAB.AZMOO.ID.AU' # Your AD Domain. This is almost always capitalised.\nSPNEGO_HOSTNAME = 'your-app-server.lab.azmoo.id.au' # The FQDN of your app server.\nSPNEGO_EXPIRE_LOGIN = 600 # Set this to false to never expire\n```\n\nFinally you need to configure [django-auth-ldap](https://bitbucket.org/illocution/django-auth-ldap).\n\n## Versioning\n\nWe use [SemVer](http://semver.org/) for versioning. For the versions available, see the [tags on this repository](https://github.com/your/project/tags).\n\n## Authors\n\n* **Matt Magin** - *Initial work* - [AzMoo](https://github.com/AzMoo)\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE.md](LICENSE.md) file for details\n\n## Acknowledgments\n\n* The SSO implementation for [GateOne](https://liftoff.github.io/GateOne/Developer/sso.html) was very useful to see how the kerberos library was supposed to be used.\n* [django-auth-ldap](https://bitbucket.org/illocution/django-auth-ldap) saved me a load of time for the django auth side of things\n\n\n", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/AzMoo/django-auth-spnego", "keywords": "django spnego auth ldap middleware", "license": "MIT", "maintainer": "", "maintainer_email": "", "name": "django-auth-spnego", "package_url": "https://pypi.org/project/django-auth-spnego/", "platform": "", "project_url": "https://pypi.org/project/django-auth-spnego/", "project_urls": { "Homepage": "https://github.com/AzMoo/django-auth-spnego" }, "release_url": "https://pypi.org/project/django-auth-spnego/0.1.1/", "requires_dist": [ "django", "kerberos", "django-auth-ldap" ], "requires_python": ">=3.4", "summary": "SPNEGO Kerberos authentication middleware for django", "version": "0.1.1" }, "last_serial": 3150272, "releases": { "0.1.1": [ { "comment_text": "", "digests": { "md5": "7261f12599fda3e6b33864107aba2664", "sha256": "dfe4ceef745eeb506e442483222d3c7251a8cb8891330a3d6ac2c9a3fa024350" }, "downloads": -1, "filename": "django_auth_spnego-0.1.1-py3-none-any.whl", "has_sig": false, "md5_digest": "7261f12599fda3e6b33864107aba2664", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.4", "size": 8387, "upload_time": "2017-09-05T12:39:07", "url": "https://files.pythonhosted.org/packages/6c/48/c258126a56391489d9496230b7a94318e1f562ce3d2a0c2f0808bbaa8340/django_auth_spnego-0.1.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "b1db1165de888803b2117f3d927de424", "sha256": "96374710fefbe2da0132de38a9270d272ec56f3b3869fabe94ac578827ceaf9b" }, "downloads": -1, "filename": "django-auth-spnego-0.1.1.tar.gz", "has_sig": false, "md5_digest": "b1db1165de888803b2117f3d927de424", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.4", "size": 6198, "upload_time": "2017-09-05T12:39:08", "url": "https://files.pythonhosted.org/packages/ab/7a/ee04d024592b90cf82d743fb618839ae500adc7633d3e00e692f44e3a01f/django-auth-spnego-0.1.1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "7261f12599fda3e6b33864107aba2664", "sha256": "dfe4ceef745eeb506e442483222d3c7251a8cb8891330a3d6ac2c9a3fa024350" }, "downloads": -1, "filename": "django_auth_spnego-0.1.1-py3-none-any.whl", "has_sig": false, "md5_digest": "7261f12599fda3e6b33864107aba2664", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.4", "size": 8387, "upload_time": "2017-09-05T12:39:07", "url": "https://files.pythonhosted.org/packages/6c/48/c258126a56391489d9496230b7a94318e1f562ce3d2a0c2f0808bbaa8340/django_auth_spnego-0.1.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "b1db1165de888803b2117f3d927de424", "sha256": "96374710fefbe2da0132de38a9270d272ec56f3b3869fabe94ac578827ceaf9b" }, "downloads": -1, "filename": "django-auth-spnego-0.1.1.tar.gz", "has_sig": false, "md5_digest": "b1db1165de888803b2117f3d927de424", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.4", "size": 6198, "upload_time": "2017-09-05T12:39:08", "url": "https://files.pythonhosted.org/packages/ab/7a/ee04d024592b90cf82d743fb618839ae500adc7633d3e00e692f44e3a01f/django-auth-spnego-0.1.1.tar.gz" } ] }