GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → Brown-University-Library → Django Shibboleth Remoteuser

Brown-University-Library / Django Shibboleth Remoteuser

Licence: mit
Middleware for using Shibboleth with Django

Programming Languages

python
139335 projects - #7 most used programming language

Labels

djangousers

Projects that are alternatives of or similar to Django Shibboleth Remoteuser

Liquid dl
Liquid-dl is a simple tool for utlities such as FFMPEG, youtube-dl, and scdl. It provides a simple framework with simple point and click options allowing users to just click on what they need and use the bare minimum commands to get the results needed.
Stars: ✭ 78 (-6.02%)
Mutual labels:  django
Djongo
Django and MongoDB database connector
Stars: ✭ 1,222 (+1372.29%)
Mutual labels:  django
Drf Autodocs
Ultimately automated DRF documentation rendering(UNMAINTAINED)
Stars: ✭ 82 (-1.2%)
Mutual labels:  django
Django Storage Swift
OpenStack Swift storage backend for Django
Stars: ✭ 78 (-6.02%)
Mutual labels:  django
Django Poll App
Django poll app is a full featured polling app. You have to register in this app to show the polls and to vote. If you already voted you can not vote again. Only the owner of a poll can add poll , edit poll, update poll, delete poll , add choice, update choice, delete choice and end a poll. If a poll is ended it can not be voted. Ended poll only shows user the final result of the poll. There is a search option for polls. Also user can filter polls by name, publish date, and by number of voted. Pagination will work even after applying filter.
Stars: ✭ 78 (-6.02%)
Mutual labels:  django
Django Crash Starter
The Cookiecutter template for the Django Crash Course tutorial by Daniel and Audrey Feldroy.
Stars: ✭ 80 (-3.61%)
Mutual labels:  django
Codingwithmitchblog Rest Api
A continuation of the CodingWithMitchBlog course. Adding a REST API using Django REST-framework
Stars: ✭ 78 (-6.02%)
Mutual labels:  django
Djangochat
A simple chat room using Django Channels.
Stars: ✭ 83 (+0%)
Mutual labels:  django
Brandenburg
Laravel Authentication Package
Stars: ✭ 79 (-4.82%)
Mutual labels:  users
Archer
基于inception的自动化SQL操作平台,支持SQL执行、LDAP认证、发邮件、OSC、SQL查询、SQL优化建议、权限管理等功能,支持docker镜像
Stars: ✭ 1,239 (+1392.77%)
Mutual labels:  django
Nuxx
Visual Docker composer for faster development. Discover, leverage, and launch community recipes.
Stars: ✭ 79 (-4.82%)
Mutual labels:  django
Education Backend
Django backend for my info-business website
Stars: ✭ 79 (-4.82%)
Mutual labels:  django
Django Notifications
GitHub notifications alike app for Django
Stars: ✭ 1,237 (+1390.36%)
Mutual labels:  django
Postmarker
Python client library for Postmark API
Stars: ✭ 79 (-4.82%)
Mutual labels:  django
Pets
Pets is a Django-based website that allows people to share photos and information about missing pets and pets available for adoption
Stars: ✭ 82 (-1.2%)
Mutual labels:  django
The Complete Guide To Drf And Vuejs
📢 Source Code from my Web Dev Course *The Complete Guide To Django REST Framework and Vue JS* (Lang: English & Italian)
Stars: ✭ 78 (-6.02%)
Mutual labels:  django
Django Rest Framework Msgpack
MessagePack support for Django REST framework
Stars: ✭ 78 (-6.02%)
Mutual labels:  django
Django Currentuser
Conveniently store reference to request user on thread/db level.
Stars: ✭ 83 (+0%)
Mutual labels:  django
Spleeter Web
Self-hostable web app for isolating the vocal, accompaniment, bass, and drums of any song. Powered by Spleeter, Demucs, Tasnet, X-UMX. Built with React and Django.
Stars: ✭ 82 (-1.2%)
Mutual labels:  django
Asvs
A simple web app that helps developers understand the ASVS requirements.
Stars: ✭ 80 (-3.61%)
Mutual labels:  django
View All Similar Projects ➔

django-shibboleth-remoteuser

|build-status|

Middleware for using Shibboleth with Django. Requires Django 1.3 or above for RemoteAuthMiddleware.

Requirements

  • shibboleth-sp service installed on your system
  • shibboleth module enabled or compiled on your web server
  • Django >= 1.8 for version > 0.6 or Django > 1.3 for version <= 0.6

Installation and configuration

  1. Either checkout and run python setup.py install or install directly from GitHub using pip:

    .. code-block:: bash

    pip install git+https://github.com/Brown-University-Library/django-shibboleth-remoteuser.git

  2. In settings.py:

    • Enable the RemoteUserBackend.

      .. code-block:: python

      AUTHENTICATION_BACKENDS += (
    'shibboleth.backends.ShibbolethRemoteUserBackend',
)

    • Add the Django Shibboleth middleware. You must add django.contrib.auth.middleware.ShibbolethRemoteUserMiddleware to the MIDDLEWARE_CLASSES setting after django.contrib.auth.middleware.AuthenticationMiddleware. For example:

      .. code-block:: python

      MIDDLEWARE_CLASSES = (
    ...
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'shibboleth.middleware.ShibbolethRemoteUserMiddleware',
    ...
)

    • Map Shibboleth attributes to Django User models. The attributes must be stated in the form they have in the HTTP headers. Use this to populate the Django User object from Shibboleth attributes.

      The first element of the tuple states if the attribute is required or not. If a required element is not found in the parsed Shibboleth headers, an exception will be raised. For example, (True, "required_attribute"), (False, "optional_attribute).

      .. code-block:: python

      SHIBBOLETH_ATTRIBUTE_MAP = {
    "shib-user": (True, "username"),
    "shib-given-name": (True, "first_name"),
    "shib-sn": (True, "last_name"),
    "shib-mail": (False, "email"),
}

    • Set the LOGIN_URL to the login handler of your Shibboleth installation. In most cases, this will be something like:

      .. code-block:: python

      LOGIN_URL = 'https://your_domain.edu/Shibboleth.sso/Login'

  3. Apache configuration - make sure the Shibboleth attributes are available to the app. The app url doesn't need to require Shibboleth.

    .. code-block:: xml

    <Location /app>
  AuthType shibboleth
  Require shibboleth
</Location>

Verify configuration

If you would like to verify that everything is configured correctly, follow the next two steps below. It will create a route in your application at /yourapp/shib/ that echos the attributes obtained from Shibboleth. If you see the attributes you mapped above on the screen, all is good.

  • Add shibboleth to installed apps.

    .. code-block:: python

    INSTALLED_APPS += (
    'shibboleth',
)

  • Add below to urls.py to enable the included sample view. This view just echos back the parsed user attributes, which can be helpful for testing.

    .. code-block:: python

    urlpatterns += [
    url(r'^shib/', include('shibboleth.urls', namespace='shibboleth')),
]

At this point, the django-shibboleth-remoteuser middleware should be complete.

Optional

Template tags


Template tags are included which will allow you to place ``{{ login_link }}``
or ``{{ logout_link }}`` in your templates for routing users to the
login or logout page. These are available as a convenience and are not required.
To activate, add the following to ``settings.py``:

.. code-block:: python

    TEMPLATES = [
        {
        ...
            'OPTIONS': {
                'context_processors': [
                    ...
                    'shibboleth.context_processors.login_link',
                    'shibboleth.context_processors.logout_link',
                    ...
                ],
            },
        ...
        },
    ]


Permission group mapping

It is possible to map a list of attributes to Django permission groups. django-shibboleth-remoteuser will generate the groups from the semicolon-separated values of these attributes. They will be available in the Django admin interface and you can assign your application permissions to them.

.. code-block:: python

SHIBBOLETH_GROUP_ATTRIBUTES = ['Shibboleth-affiliation', 'Shibboleth-isMemberOf']

By default this value is empty and will not affect your group settings. But when you add attributes to SHIBBOLETH_GROUP_ATTRIBUTES the user will only associated with those groups. Be aware that the user will be removed from groups not defined in SHIBBOLETH_GROUP_ATTRIBUTES, if you enable this setting. Some installations may create a lot of groups. You may check your group attributes at https://your_domain.edu/Shibboleth.sso/Session before activating this feature.

Fields identified in SHIBBOLETH_GROUP_ATTRIBUTES can be a string of group names with a delimiter. By default the delimiter is ;, but this can be overridden to be one or many delimiters using the SHIBBOLETH_GROUP_DELIMITERS setting.

For example, given:

  • SHIBBOLETH_GROUP_ATTRIBUTES = ['Shibboleth-isMemberOf']
  • request headers includes: Shibboleth-isMemberOf: 'users;admins,managers'

=========================== ======================================= SHIBBOLETH_GROUP_DELIMITERS Parsed Groups =========================== ======================================= default users and admins,managers [','] users;admins and managers [',', ';'] users, admins, and managers =========================== =======================================

.. |build-status| image:: https://travis-ci.org/Brown-University-Library/django-shibboleth-remoteuser.svg?branch=master&style=flat :target: https://travis-ci.org/Brown-University-Library/django-shibboleth-remoteuser :alt: Build status

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].