I want to authenticate django web user using windows domain account (active directory) who currently logged in to computer. How can I do this without prompting user to enter username/password again since he is already logged in using domain account to his system. I am using django and python 2.7. I went through following link but dint understand how to use it in my views. Please help me.
Thanks
Advertisement
Answer
When the Web server (here django hosted on IIS) takes care of authentication it typically sets the REMOTE_USER
environment variable for use in the underlying application. In Django, REMOTE_USER
is made available in the request.META attribute. Django can be configured to make use of the REMOTE_USER
value using the RemoteUserMiddleware
and RemoteUserBackend
classes found in django.contrib.auth.
Configurations
You must add the django.contrib.auth.middleware.RemoteUserMiddleware
to the MIDDLEWARE_CLASSES
setting after the django.contrib.auth.middleware.AuthenticationMiddleware
:
MIDDLEWARE_CLASSES = ( ... 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.RemoteUserMiddleware', ... )
Next, you must replace the ModelBackend
with RemoteUserBackend
in the AUTHENTICATION_BACKENDS
setting:
AUTHENTICATION_BACKENDS = ( 'django.contrib.auth.backends.RemoteUserBackend', )
With this setup, RemoteUserMiddleware
will detect the username in request.META['REMOTE_USER']
and will authenticate and auto-login that user using the RemoteUserBackend
.
(More info https://docs.djangoproject.com/en/1.5/howto/auth-remote-user/ )
To get REMOTE_USER
in request do the following IIS settings:
1.In Control Panel, click Programs and Features, and then click Turn Windows features on or off.
2.Expand Internet Information Services, expand World Wide Web Services, expand Security, and then select Windows Authentication.
IIS Manager
- Open IIS Manager and navigate to the level you want to manage.
- In Features View, double-click Authentication.
- On the Authentication page, select Windows Authentication.
- In the Actions pane, click Enable to use Windows authentication. (More info)