Quick followup in case anyone is interested (anyone? Bueller?)... One problem is handling the admin site, which doesn't really account for an authentication backend that doesn't know the user's password (making the login form useless). So, without wanting to hack up django.contrib.admin, here's what I came up with...
In cas/views.py, add an admin view: def admin(request): if request.user.is_authenticated(): if request.user.is_staff: from django.contrib.admin.views.main import index return index(request) else: error = "<h1>Forbidden</h1><p>You do not have staff privileges.</p>" return HttpResponseForbidden(error) params = urlencode({'next': request.get_full_path()}) return HttpResponseRedirect('/accounts/login/?' + params) Then just make sure your URLconf finds that view before the admin login page: (r'^admin/$', 'present.cas.views.admin'), (r'^admin/', include('django.contrib.admin.urls')), So I think this will only work when the user needs to authenticate at /admin/ (and not if they lose authentication doing some other admin request), but for now it works... --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---