Does the PersistentRemoteUserMiddleware added in Django 1.9 help?
https://docs.djangoproject.com/en/1.9/howto/auth-remote-user/#using-remote-user-on-login-pages-only
On Monday, November 30, 2015 at 3:36:00 PM UTC-5, Dan Davis wrote:
-- https://docs.djangoproject.com/en/1.9/howto/auth-remote-user/#using-remote-user-on-login-pages-only
On Monday, November 30, 2015 at 3:36:00 PM UTC-5, Dan Davis wrote:
So, where I work we have a CAS server we like to use. We like to use it with mod_auth_cas. So far, so good - RemoteUserMiddleware is my friend. The problem here is that REMOTE_USER will not be set unless the URI is protected by CAS, and if the URI is protected by CAS, then the user will be redirected right away. This is fine for admin URLs, but I want the CAS cookie to be validated/checked only on some URLs, without redirect. So, REMOTE_USER should be set only if the cookie is present and valid.Does anyone have any suggestions, either how I should change mod_auth_cas or my Apache directives to support this, or how I should change my use of RemoteUserMiddleware to allow this.Thanks,-Dan
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/ca120cbe-748a-4a3f-b351-474989311435%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment