Kerberos authentication for Authentic2
Go to file
Benjamin Dauvergne 3ed80352fc tox.ini: remove DB_ENGINE 2020-05-15 15:59:07 +02:00
debian debian: add python3 packaging (#41219) 2020-04-15 08:12:55 +02:00
src/authentic2_auth_kerberos dj22: set request as first argument in authenticate() 2020-05-15 15:49:11 +02:00
tests tox.ini: remove DB_ENGINE 2020-05-15 15:59:07 +02:00
COPYING first commit 2014-09-02 16:25:31 +02:00
Jenkinsfile Jenkinsfile: fix test for GIT_BRANCH 2020-04-15 12:02:33 +02:00
MANIFEST.in release 1.1.0 2016-03-07 11:01:08 +01:00
README release 1.1.0 2016-03-07 11:01:08 +01:00
getlasso.sh tests: use unique database name (#13083) 2016-09-06 15:54:54 +02:00
getlasso3.sh tox.ini: add configuration for py3 (#41219) 2020-04-15 08:12:55 +02:00
jenkins.sh chmod +x jenkins.sh 2018-02-15 14:34:49 +01:00
merge-junit-results.py misc: update merge-junit-results.py 2019-12-07 11:05:29 +01:00
pylint.sh tox.ini: refactor, add dj22 target 2020-05-15 11:13:20 +02:00
setup.py add Jenkinsfile, support dj111, prepare for python3, improve tox.ini (fixes #30321) 2019-02-06 12:48:51 +01:00
tox.ini tox.ini: remove DB_ENGINE 2020-05-15 15:59:07 +02:00

README

Authentic2 Auth Kerberos
==========================

It provides basic implementation of the HTTP Negotiate authentication mechanism
and autologin support using Javascript and a cookie.

The django-kerberos_ project is used as a basis for this plugin. 

Install
-------

You just have to install the package in your virtualenv and relaunch, it will
be automatically loaded by authentic2.

You must define the KRB5_KTNAME environment to the path of a keytab file
containing the key for your service principal. See django-kerberos_
documentation for details.

Settings
--------

- A2_AUTH_KERBEROS_ENABLED: enable the authentication module, default is True.
- A2_AUTH_KERBEROS_CREATE_USER: whether to create users for Kerberos
	principals, default is True.
- A2_AUTH_KERBEROS_REALM: default reaml to attribute to user, default is None.
	If not None, the Kerberos realm is replaced by this one. It's incompatible
	with support for multiple realms.
- LDAP_AUTH_SETTINGS: same settings than for other usages in Authentic2, the Kerberos backend
  introduce a new key 'principal_filter' which is a str.format() template receiving two keyword
  arguments, username (the local part of the principal) and realm.

.. _django-kerberos: https://pypi.python.org/pypi/django-kerberos

Changelog
=========

1.1.0
-----

- use a2_just_logged_out to authorize automatic login and hide login tab
- add LDAP backend

1.0.0
-----

 - initial release