This app combines django-auth-ldap with django's RemoteUserBackend
It allows django applications hosted in IIS to take advantage of Windows Authentication in IIS (401 Challenge) while also having the advanced features offered in django-auth-ldap
Install with pip/easy_install from the pypi
pip install django-remote-auth-ldap
or clone the latest source
git clone https://github.com/apmorton/django-remote-auth-ldap.git
cd django-remote-auth-ldap
python setup.py install
In your django settings.py file configure django-auth-ldap normally, verify that the configuration is indeed working!
Add the RemoteUserMiddleware class after the AuthenticationMiddleware class
MIDDLEWARE_CLASSES = (
...
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django_remote_auth_ldap.middleware.RemoteUserMiddleware',
...
)Set the RemoteUserLDAPBackend as the authentication backend
AUTHENTICATION_BACKENDS = (
'django_remote_auth_ldap.backend.RemoteUserLDAPBackend',
)The application expects the remote user to be in the form domain\user (which is how IIS returns it)
There are a few settings you can use to control the behavior
DRAL_CHECK_DOMAIN- Boolean - whether or not to check the domain against a known list - default TrueDRAL_STRIP_DOMAIN- Boolean - whether or not to strip the domain off the username before passing to django-auth-ldap - default TrueDRAL_DOMAINS- List - list of domains to check against, should be lowercase! - default []DRAL_HEADER- String - header to check for remote user in - default REMOTE_USER