Skip to content
Advertisement

Django authenticate using logged in windows domain user

I want to authenticate django web user using windows domain account (active directory) who currently logged in to computer. How can I do this without prompting user to enter username/password again since he is already logged in using domain account to his system. I am using django and python 2.7. I went through following link but dint understand how to use it in my views. Please help me.

Thanks

Advertisement

Answer

When the Web server (here django hosted on IIS) takes care of authentication it typically sets the REMOTE_USER environment variable for use in the underlying application. In Django, REMOTE_USER is made available in the request.META attribute. Django can be configured to make use of the REMOTE_USER value using the RemoteUserMiddleware and RemoteUserBackend classes found in django.contrib.auth. Configurations You must add the django.contrib.auth.middleware.RemoteUserMiddleware to the MIDDLEWARE_CLASSES setting after the django.contrib.auth.middleware.AuthenticationMiddleware:

MIDDLEWARE_CLASSES = (
    ...
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.RemoteUserMiddleware',
    ...
    )

Next, you must replace the ModelBackend with RemoteUserBackend in the AUTHENTICATION_BACKENDS setting:

AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.RemoteUserBackend',
)

With this setup, RemoteUserMiddleware will detect the username in request.META['REMOTE_USER'] and will authenticate and auto-login that user using the RemoteUserBackend.

(More info https://docs.djangoproject.com/en/1.5/howto/auth-remote-user/ )

To get REMOTE_USER in request do the following IIS settings:

1.In Control Panel, click Programs and Features, and then click Turn Windows features on or off.

2.Expand Internet Information Services, expand World Wide Web Services, expand Security, and then select Windows Authentication.

IIS Manager

  1. Open IIS Manager and navigate to the level you want to manage.
  2. In Features View, double-click Authentication.
  3. On the Authentication page, select Windows Authentication.
  4. In the Actions pane, click Enable to use Windows authentication. (More info)
User contributions licensed under: CC BY-SA
5 People found this is helpful
Advertisement