Thanks Jacob and Ramiro. I finally figured it out, and unfortunately it was, of course, something stupid :(
I had changed the directory name holding my WSGI app and had not changed the Apache config's path reference in *both* places (ScriptAlias and Directory). SIGH. That was causing the static file requests to show up in access_log as from 'jblaine', which made me think all auth was working properly, when in fact it wasn't. It just took me to finally notice that there were requests from '-' and 'jblaine' in the same session full of requests. I'm a little surprised I even noticed finally. Additionally, as Jacob pointed out, I needed my own configure_user to set default permissions to get any login access to Admin for auto-created users. Sweet: [Thu May 19 23:31:36 2011] [error] in MyRemoteUserBackend.authenticate() [Thu May 19 23:31:36 2011] [error] Remote user is jblaine [Thu May 19 23:31:36 2011] [error] Remote user cleaned is jblaine [Thu May 19 23:31:36 2011] [error] Trying to create jblaine [Thu May 19 23:31:36 2011] [error] Created jblaine [Thu May 19 23:31:36 2011] [error] in MyRemoteUserBackend.configure_user() [Thu May 19 23:31:37 2011] [error] Set jblaine is_staff and is_superuser True Now I have the problem where "Logout" from Admin actually does not do much of anything because REMOTE_USER is still set in the browser and all someone has to do is revisit /admin with the same browser instance and they get automatically logged right back in without a password. But I'll take that after this victory. Thanks Jacob and Ramiro! -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
