blob: a2964e161ddd16128dbea449f0e408bf96dc4783 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
Django authentification backend using Crowd REST API
====================================================
This is a very rough implementation of a django backend
using Crowd's REST API.
It is inspired by the various forks of django-crowd-backend.
Those implementations were always using SOUP.
This one is just using REST API supported by Crowd.
See [Atlassian](https://developer.atlassian.com/display/CROWDDEV/Crowd+REST+APIs).
Current implementation
======================
- Connect to Crowd server
- Authenticate given user by password
- Sync Django user instance with attributes from Crowd user
- Setup Djnago user staff/superuser flags based on associated Crowd groups of user
Features
========
- HTTPS certificate validation when connecting to secure Crowd url
Missing
=======
- No handling of SSO cookie
Dependencies
============
- just 'urllib2' with a little tweak from [VerifiedHTTPS](https://github.com/josephturnerjr/urllib2.VerifiedHTTPS)
to allow validation of https certificate.
How to use it
=============
- Edit settings.py to add 'crowdrest' app to your list of apps
- Adapt configuration settings for crowdrest in settings.py by adding
_whether you want to sync django users from Crowd attributes_
`AUTH_CROWD_ALWAYS_UPDATE_USER = True`
_Django user will get staff flag when Crowd user is in given Crowd group_
`AUTH_CROWD_STAFF_GROUP = 'staff'`
_Django user will get superuser flag when Crowd user is in given Crowd group_
`AUTH_CROWD_SUPERUSER_GROUP = 'superuser'`
_crowdrest will use this username and password to connect to Crowd server_
`AUTH_CROWD_APPLICATION_USER = 'django'`
`AUTH_CROWD_APPLICATION_PASSWORD = 'django'`
_URL to Crowd REST API_
`AUTH_CROWD_SERVER_REST_URI = 'http://127.0.0.1:8095/crowd/rest/usermanagement/latest'`
_Use given certificate file to validate https connection to Crowd server_
`AUTH_CROWD_SERVER_TRUSTED_ROOT_CERTS_FILE = None`
Problems ?
==========
Just send me a message. Let's see if I can help.
License
=======
Use this code as you want. Consider it free. Say thank you. Don't blame me if it doesn't work for you.
|