Skip to content

suutari-ai/django-shibboleth-remoteuser

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

83 Commits
shibboleth
shibboleth
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
README.md
README.md
 
 
quicktest.py
quicktest.py
 
 
setup.py
setup.py
 
 

Repository files navigation

django-shibboleth-remoteuser

Middleware for using Shibboleth with Django. Requires Django 1.3 or above for RemoteAuthMiddleware.

Build Status

Installation and configuration

  • Either checkout and run python setup.py install or install directly from Github with pip:

    pip install git+https://github.com/Brown-University-Library/django-shibboleth-remoteuser.git

  • In settings.py :

  • Enable the RemoteUserBackend.

    AUTHENTICATION_BACKENDS += (
  'django.contrib.auth.backends.RemoteUserBackend',
)

  • Add the Django Shibboleth middleware. You must add the django.contrib.auth.middleware.ShibbolethRemoteUserMiddleware to the MIDDLEWARE_CLASSES setting after the django.contrib.auth.middleware.AuthenticationMiddleware. For example:

 MIDDLEWARE_CLASSES = (
 ...
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'shibboleth.middleware.ShibbolethRemoteUserMiddleware',
 ...
 )
 ```

* Map Shibboleth attributes to Django User models.  A username is required.  
 If first_name, last_name, email are available as Shibboleth attributes they will be used to populate the Django User object.  
 The tuple of (True, "username") specifies that username is required.
 If it is not found in the parsed Shibboleth headers, an exception will be raised.
 To make a Shibboleth attribute specify it like this (False, "optional_attribute).  

 ```python   
 SHIBBOLETH_ATTRIBUTE_MAP = {
    "Shibboleth-user": (True, "username"),,
    "Shibboleth-givenName": (True, "first_name"),
    "Shibboleth-sn": (True, "last_name"),
    "Shibboleth-mail": (True, "email"),
 }
 ```
 
* Login url - set this to a Shibboleth protected path.  

```python
LOGIN_URL = 'https://school.edu/Shibboleth.sso/Login'

  • Apache configuration - make sure the shibboleth attributes are available to the app.

    <Location /app>
  AuthType shibboleth
  Require shibboleth
  ShibUseHeaders On
</Location>

Optional

  • Add shibboleth to installed apps.

    INSTALLED_APPS += (
  'shibboleth',
)

  • Add below to urls.py to enable the included sample view. This view just echos back the parsed user attributes, which can be helpful for testing.

    urlpatterns += patterns('',
  url(r'^shib/', include('shibboleth.urls', namespace='shibboleth')),
)

  • Template tags are included which will allow you to place {{ login_link }} or {{ logout_link }} in your templates for routing users to the login or logout page. To activate add the following to settings.py.

     TEMPLATE_CONTEXT_PROCESSORS += (
    'shibboleth.context_processors.login_link',
    'shibboleth.context_processors.logout_link'
 )

About

Middleware for using Shibboleth with Django

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

3 tags

Packages

No packages published

Languages

  • Python 100.0%