Django, CAS authentication and Apache

I am certainly no stranger to Web Development, but I decide to really look at the Python web framework django in some detail last week to write a small web application for Workload Modelling for Academic Staff.

Yes, this is a geeky, programming post.

In doing so I ran into some trouble trying to get CAS authentication to work with the app. I tried using a django-cas client I found, having found no direct CAS support in django. This took a reasonable number of code modifications, in several source files (really only a pain because I would have to maintain both development code and production code on different authentication). However the critical problem was that while I could get authentication into the “userland” parts of the app, I was getting redirect issues with the django generated administration interface.

So, I found a totally different approach. Django does have generic remote user support built-in which I hadn’t initially found. There are some details here. As you can see there are only two lines of code needed to enable this support.

I found this worked without any drama when I used Apache to force the CAS authentication. So the code required (in version 1.8 of django) is simply as follows, in the file.

    # This is where the new line needs to be added


The Apache Configuration looks something like this.

WSGIPythonPath /usr/local/share/WAM/

<IfModule mod_auth_cas.c>
    CASValidateServer Off
    CASLoginURL https://your.cas.server/login
    CASVersion 2
    CASDebug On
    CASValidateURL https://your.cas.server/serviceValidate
    CASCookiePath /tmp/
    CASTimeout 43200
    CASIdleTimeout 3600

<Location /wam>
    AuthType CAS
    Require valid-user

<Directory /usr/local/share/WAM/loads/static>
    Require all granted

WSGIScriptAlias /wam /usr/local/share/WAM/WAM/

<Directory /usr/local/share/WAM/WAM>
        Require all granted

You will need to ensure you have Apache’s CAS and wsgi modules installed and enabled too.

I wasted a couple of hours going around the houses on this one, so hopefully it may save you. I will be hosting the project for my modeller on along with the code once I move it from GitHub.

  • 1

One thought on “Django, CAS authentication and Apache”

  1. Pingback: Workload Allocation Monitoring (WAM) Prototype | Proving the Obviously Untrue

Leave a Reply

Your email address will not be published. Required fields are marked *