On May 21, 11:57 am, Graham Dumpleton <[EMAIL PROTECTED]>
wrote:
> On May 21, 11:47 am, "James Bennett" <[EMAIL PROTECTED]> wrote:
>
>
>
> > On Tue, May 20, 2008 at 7:14 PM, Graham Dumpleton
>
> > <[EMAIL PROTECTED]> wrote:
> > > If you want to use HTTP Basic authentication, then put everything
> > > under/behind Apache and use Apache to do it. If you want to use form
> > > based authentication with same user database across all applications
> > > gets a bit harder. Which do you want?
>
> > It's actually not that hard, even if you want to require auth only for
> > specific areas. A middleware like this might do the trick (with a
> > little tweaking):
>
> > from django.contrib.auth.decorators import login_required
>
> > class AuthRequiredMiddleware(object):
> > def process_view(self, request, view_func, view_args, view_kwargs):
> > if ... (fill in test here to see if it's a URL or view you
> > want to require auth for):
> > return login_required(view_func)(request, *view_args,
> > **view_kwargs)
>
> This is where I am ignorant of what can be done with Django. But then
> rereading OP question I may have been reading too much in it. My
> initial impression was that he was talking about distinct Django
> instances. I forgot that Django has a concept of applications within a
> specific Django instance. Because of mod_wsgi I always tend to think
> of the more complicated cases that need to be handled. :-(
>
> Let me ask my own question then. If one is running multiple Django
> instances, does Django provide anything that would help with single
> sign on (SSO) across all the distinct Django application instances?
>
> There are obviously various challenges with this because of need for
> single session database, plus any requirements for configuring
> settings.py as to naming of the cookie, setting of cookie path and any
> magic session keys that might need to be shared.
>
> I remember something about Paste (Pylons?) having some support in it
> for working with a SSO module which is available for Apache. Can't
> remember the name of the Apache module right now, not sure if it is
> mod_auth_form or not. This is handling most stuff outside of Apache,
> except perhaps for the user authentication through a special script.
Hmmm, meant 'outside of Django'.
Graham
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
