I'm running Django 1.3.1 on FreeBSD + Apache2.2 inside an intranet.
I do not grok authentication, so here is my problem and a question about how I can solve it (maybe). What I need is the name of the user who hits the application. I don't care about the password, I just need to know who they are. I've been unable to get the REMOTE_USER from Apache, mainly because I think Apache doesn't know it either (no authentication is used on the httpd.conf).
I thought (here's my maybe solution) I might create a bunch of users in Django by parsing the /etc/passwd database. Then at least each user would have the same username/password they use to login to the network.
Is that possible? Is there a better way to get the username? thanks, --Tim
I'm not totally sure, but I don't think this will work. You could parse the passwd file to get the usernames, but the passwords are encrypted. Since you don't have the system's decryption key, you would not be able to determine the password. If you just used what is in /etc/shadow it would not match the password that the users enter when they try to authenticate in Django.
I would suggest using Django's built-in authentication system. Then when a user goes to your site, and enters their credentials, you will be able to access the user information in the view with request.user (assuming "request" is your view's first parameter name).
Finally, you can use the decorator @login_required for views that require authentication. However, I found it easier for many applications that use site-wide authentication (usually the case with intranet development) to use middleware to require login for every page. I implemented something similar to this and it works perfectly.: http://onecreativeblog.com/post/59051248/django-login-required-middle...
On Thu, Feb 2, 2012 at 7:47 AM, Tim <jtim.arn...@gmail.com> wrote: > I'm running Django 1.3.1 on FreeBSD + Apache2.2 inside an intranet.
> I do not grok authentication, so here is my problem and a question about > how I can solve it (maybe). > What I need is the name of the user who hits the application. I don't care > about the password, I just need to know who they are. I've been unable to > get the REMOTE_USER from Apache, mainly because I think Apache doesn't know > it either (no authentication is used on the httpd.conf).
> I thought (here's my maybe solution) I might create a bunch of users in > Django by parsing the /etc/passwd database. Then at least each user would > have the same username/password they use to login to the network.
> Is that possible? Is there a better way to get the username? > thanks, > --Tim
> -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/django-users/-/qO-mxTOE0joJ. > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en.
> I'm running Django 1.3.1 on FreeBSD + Apache2.2 inside an intranet.
> I do not grok authentication, so here is my problem and a question > about how I can solve it (maybe). > What I need is the name of the user who hits the application. I don't > care about the password, I just need to know who they are. I've been > unable to get the REMOTE_USER from Apache, mainly because I think > Apache doesn't know it either (no authentication is used on the > httpd.conf).
> I thought (here's my maybe solution) I might create a bunch of users > in Django by parsing the /etc/passwd database. Then at least each user > would have the same username/password they use to login to the network.
> Is that possible? Is there a better way to get the username? > thanks, > --Tim
> -- > You received this message because you are subscribed to the Google > Groups "Django users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/django-users/-/qO-mxTOE0joJ. > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en.
Thanks for all this great information. Thorsten, I do have hope that 'pam' will solve the problem, but if I get nowhere with that, Furbee's links and info will help me go further; I just didn't want the user to have to sign on twice when I don't really care about authentication, just user identification. In any case, I'm reading those docs now, and the blog article.
David, I wish I could do this via the LDAP set up but as far as I can tell there isn't one.
> Thanks for all this great information. Thorsten, I do have hope that > 'pam' will solve the problem, but if I get nowhere with that, Furbee's > links and info will help me go further; I just didn't want the user to > have to sign on twice when I don't really care about authentication, > just user identification. In any case, I'm reading those docs now, and > the blog article.
> David, I wish I could do this via the LDAP set up but as far as I can > tell there isn't one.
You can.
If you accept that users will have to authenticate in your Django app then if you use ldap you won't have to worry about passwords at all. They will enter the same username and password they usually do when they power up their workstations.
I have used Peter Herndon's django-ldap-groups very successfully to do just that. It will create a new user including any ldap groups you set up for Django based entirely on successful ldap authentication. It will bring whatever ldap info across to Django that you require.
> -- > You received this message because you are subscribed to the Google > Groups "Django users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/django-users/-/mNmX0CImKo8J. > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en.
