Re: OpenToken Spec & Single Sign On
Well that doesn't seem like much fun! But you're right, that's what will eventually happen. -Justin -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: OpenToken Spec & Single Sign On
Well since that is the case, why even use Django? Why not just do this conversion/forwarding using the existing Perl OpenToken library and deploy it to a cgi-bin? -Matteo On Jan 7, 2:17 pm, Justin wrote: > Matteo, > > Thanks for the response. I wish I could just use the > django.contrib.auth authentication mechanisms and be done with this. > However, I am not looking to use OpenToken to authenticate users in > Django, per se. > > I will be making a Django app that accepts an authentication assertion > from another system, packages it into an OpenToken, and then forwards > it on to another system. The target system only accepts OpenToken for > SSO. > > My Django application doesn't need to store User information nor > authenticate the user. It is just a translator between one identity > assertion and the other. The end-user won't even know they hit my > Django app as their HTTP requests will just pass right through via > redirects. It's just magic to them. > > I am already porting the perl module to python but am running into > issues with the KeyGenerator class. Luckily the original devs provided > plenty of good tests so I know when I am on the right track. I hope to > open source the code once I am done. > > Thanks, > Justin -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: OpenToken Spec & Single Sign On
Matteo, Thanks for the response. I wish I could just use the django.contrib.auth authentication mechanisms and be done with this. However, I am not looking to use OpenToken to authenticate users in Django, per se. I will be making a Django app that accepts an authentication assertion from another system, packages it into an OpenToken, and then forwards it on to another system. The target system only accepts OpenToken for SSO. My Django application doesn't need to store User information nor authenticate the user. It is just a translator between one identity assertion and the other. The end-user won't even know they hit my Django app as their HTTP requests will just pass right through via redirects. It's just magic to them. I am already porting the perl module to python but am running into issues with the KeyGenerator class. Luckily the original devs provided plenty of good tests so I know when I am on the right track. I hope to open source the code once I am done. Thanks, Justin -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: OpenToken Spec & Single Sign On
I don't understand why you would need to use this for server-side authentication in the Django environment? So this OpenToken Single Sign-on appears to be more similar to Django's own django.contrib.auth, and django.contrib.sessions packages, and possibly even less secure (and less documented) than Kerberos authentication which is two way site-wide authentication protocol. If I were you, I'd use *django.contrib.auth* and *django.contrib.sessions*. The sessions application provides site cookie for authenticating HTTP against, and auth provides User account authentication for Single Sign-on using sha1 (default) or md5, or crypt. You could port the OenToken Perl module to Python easily, and remember to target Pythong 2.6 and import hashlib for sha1 as the sha module is now deprecated. Beyond that, could you please provide more insight on why you would want to use OpenToken specifically over the built in Django packages? I read through the spec once and this is my conclusion is a much bigger headache porting/integrating with OpenToken than using the built in Django methods. Regards, Matteo On Jan 6, 1:53 pm, Justin Murphy wrote: > Hello group, > > Does anybody have experience with the OpenToken specification? It is > an authentication token that some (not many) applications use for SSO. > > I found existing Perl module that encrypts and decrypts the token but > I need a Python version to use in a Django project. Not much luck > finding one on Google, so I am asking this group to see if anybody has > done this before so I don't need to re-create the wheel. > > Here is a link to the specification - website will automatically try > and download PDF, sorry > :(http://www.pingidentity.com/support-and-downloads/download.cfm?item=1... > > OpenToken Perl module on GitHub:https://github.com/bleargh45/crypt-opentoken/ > > I appreciate your help! > > Thanks, > Justin -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
OpenToken Spec & Single Sign On
Hello group, Does anybody have experience with the OpenToken specification? It is an authentication token that some (not many) applications use for SSO. I found existing Perl module that encrypts and decrypts the token but I need a Python version to use in a Django project. Not much luck finding one on Google, so I am asking this group to see if anybody has done this before so I don't need to re-create the wheel. Here is a link to the specification - website will automatically try and download PDF, sorry :( http://www.pingidentity.com/support-and-downloads/download.cfm?item=11703 OpenToken Perl module on GitHub: https://github.com/bleargh45/crypt-opentoken/ I appreciate your help! Thanks, Justin -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.