{"id":370,"date":"2015-10-19T17:17:49","date_gmt":"2015-10-19T17:17:49","guid":{"rendered":"http:\/\/www.piglets.org\/blog\/?p=370"},"modified":"2015-10-19T18:39:42","modified_gmt":"2015-10-19T18:39:42","slug":"django-cas-authentication-and-apache","status":"publish","type":"post","link":"https:\/\/www.piglets.org\/blog\/2015\/10\/19\/django-cas-authentication-and-apache\/","title":{"rendered":"Django, CAS authentication and Apache"},"content":{"rendered":"

I am certainly no stranger to Web Development, but I decide to really look at the Python<\/a> web framework django<\/a> in some detail last week to write a small web application for Workload Modelling for Academic Staff.<\/p>\n

Yes, this is a geeky, programming post.<\/p>\n

In doing so I ran into some trouble trying to get CAS<\/a> authentication to work with the app. I tried using a django-cas<\/a> client I found, having found no direct CAS support in django. This took a reasonable number of code modifications, in several source files (really only a pain because I would have to maintain both development code and production code on different authentication). However the critical problem was that while I could get authentication into the \"userland\" parts of the app, I was getting redirect issues with the django generated administration interface.<\/p>\n

So, I found a totally different approach. Django does<\/em> have generic remote user support built-in which I hadn't initially found. There are some details here<\/a>. As you can see there are only two lines of code needed to enable this support.<\/p>\n

I found this worked without any drama when I used Apache to force the CAS authentication. So the code required (in version 1.8 of django) is simply as follows, in the settings.py file.<\/p>\n

MIDDLEWARE_CLASSES = (\r\n    '...',\r\n    'django.contrib.auth.middleware.AuthenticationMiddleware',\r\n    # This is where the new line needs to be added\r\n    'django.contrib.auth.middleware.RemoteUserMiddleware',\r\n    '...',\r\n)\r\n\r\nAUTHENTICATION_BACKENDS = (\r\n    'django.contrib.auth.backends.RemoteUserBackend',\r\n)<\/pre>\n
The Apache Configuration looks something like this.<\/p>\n
WSGIPythonPath \/usr\/local\/share\/WAM\/\r\n\r\n<IfModule mod_auth_cas.c>\r\n    CASValidateServer Off\r\n    CASLoginURL https:\/\/your.cas.server\/login\r\n    CASVersion 2\r\n    CASDebug On\r\n    CASValidateURL https:\/\/your.cas.server\/serviceValidate\r\n    CASCookiePath \/tmp\/\r\n    CASTimeout 43200\r\n    CASIdleTimeout 3600\r\n<\/IfModule>\r\n\r\n\r\n<Location \/wam>\r\n    AuthType CAS\r\n    Require valid-user\r\n<\/Location>\r\n\r\n<Directory \/usr\/local\/share\/WAM\/loads\/static>\r\n    Require all granted\r\n<\/Directory>\r\n\r\nWSGIScriptAlias \/wam \/usr\/local\/share\/WAM\/WAM\/wsgi.py\r\n\r\n<Directory \/usr\/local\/share\/WAM\/WAM>\r\n    <Files wsgi.py>\r\n        Require all granted\r\n    <\/Files>\r\n<\/Directory>\r\n<\/pre>\n
You will need to ensure you have Apache's CAS and wsgi modules installed and enabled too.<\/p>\n
I wasted a couple of hours going around the houses on this one, so hopefully it may save you. I will be hosting the project for my modeller on foss.ulster.ac.uk<\/a> along with the code once I move it from GitHub<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"
I am certainly no stranger to Web Development, but I decide to really look at the Python web framework django in some detail last week to write a small web application for Workload Modelling for Academic Staff. Yes, this is a geeky, programming post. In doing so I ran into some trouble trying to get […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"vkexunit_cta_each_option":"","footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"enabled":false},"version":2}},"categories":[7,6,14],"tags":[64,132,131,16,58],"class_list":["post-370","post","type-post","status-publish","format-standard","hentry","category-11-free-software","category-7-programming","category-17-python","tag-apache","tag-cas","tag-django","tag-free-software","tag-python"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"jetpack_shortlink":"https:\/\/wp.me\/p52I4w-5Y","_links":{"self":[{"href":"https:\/\/www.piglets.org\/blog\/wp-json\/wp\/v2\/posts\/370","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.piglets.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.piglets.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.piglets.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.piglets.org\/blog\/wp-json\/wp\/v2\/comments?post=370"}],"version-history":[{"count":6,"href":"https:\/\/www.piglets.org\/blog\/wp-json\/wp\/v2\/posts\/370\/revisions"}],"predecessor-version":[{"id":376,"href":"https:\/\/www.piglets.org\/blog\/wp-json\/wp\/v2\/posts\/370\/revisions\/376"}],"wp:attachment":[{"href":"https:\/\/www.piglets.org\/blog\/wp-json\/wp\/v2\/media?parent=370"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.piglets.org\/blog\/wp-json\/wp\/v2\/categories?post=370"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.piglets.org\/blog\/wp-json\/wp\/v2\/tags?post=370"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}