Quick followup in case anyone is interested (anyone? Bueller?)...
One problem is handling the admin site, which doesn't really account
for an authentication backend that doesn't know the user's password
(making the login form useless). So, without wanting to hack up
django.contrib.admin, here's what I came up with...
In cas/views.py, add an admin view:
def admin(request):
if request.user.is_authenticated():
if request.user.is_staff:
from django.contrib.admin.views.main import index
return index(request)
else:
error = "<h1>Forbidden</h1><p>You do not have staff
privileges.</p>"
return HttpResponseForbidden(error)
params = urlencode({'next': request.get_full_path()})
return HttpResponseRedirect('/accounts/login/?' + params)
Then just make sure your URLconf finds that view before the admin login
page:
(r'^admin/$', 'present.cas.views.admin'),
(r'^admin/', include('django.contrib.admin.urls')),
So I think this will only work when the user needs to authenticate at
/admin/ (and not if they lose authentication doing some other admin
request), but for now it works...
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
