Simple CAS 1.0 Authentication for Django
posted by brian at 03:18 PM
Back when I expressed interest in making the web presentation bounty based solely on client-side code, Simon (bounty master and Filer admin) expressed his wish to keep the two services decoupled (so I shouldn't rely on Filer for slideshow storage). While I still want to have a save-to-Filer feature, I decided that I should just go ahead and get the web presentation system up and running before worrying about a client-side-only version. So I started a Django project.
Anyway, the result is that I got CAS 1.0 working alongside the Django authentication system, which means I can take advantage of built-in features like permissions and messages with CAS-authenticated users.
If anyone else is interested in using CAS authentication with Django, you can download the code I'm using. Here's a brief usage guide:
- Set
SERVICE_URLincas/__init__.pyto the location of your CAS service. For example, Case's ishttps://login.case.edu/cas/. - Set
DEFAULT_REDIRECT_URLincas/__init__.py. Normally the user will be sent back to theirHTTP_REFERER(the page that requested login) after authentication. But if the user requests/accounts/login/directly (or there is noHTTP_REFERER), they will be sent toDEFAULT_REDIRECT_URL. - Enable the
loginandlogoutviews by adding these to your URLconf (customize the URLs if you want):(r'^accounts/login/$', 'your_site.cas.views.login'), (r'^accounts/logout/$', 'your_site.cas.views.logout'), - Add the backend in
settings.py:AUTHENTICATION_BACKENDS = ( 'your_site.cas.backends.CASBackend', ) - Make sure at least the following apps are installed:
INSTALLED_APPS = ( 'django.contrib.auth', 'django.contrib.sessions', 'your_site.cas', ) - Finally, if you have a way to populate the user's name and e-mail address fields from their username, put it in
cas/backends.py(see the comments). For example, I have LDAP code there.
P.S.: This just implements the minimum required for CAS authentication. Features like gateway, renew, and proxies are not supported.
An alpha version of the presentation system should be online to play with later this week.
Comments
Brian,
I came across your blog when searching for "django cas" and I am very interested in what you have done. I noticed the date on the post was almost a year ago and wondered if you a newer version? Do the instructions on your blog still apply or has anything changed?
Thanks,
Parker
Programmer / Analyst
Southern Utah University