change local/saml login configuration to work in multitenant environments
This commit is contained in:
parent
e7f48ed972
commit
116da72863
3
README
3
README
|
@ -68,7 +68,8 @@ Default settings are loaded from settings.py, they can be overloaded by a
|
|||
local_settings.py file set in the same directory, or by a file referenced
|
||||
in the COMBO_SETTINGS_FILE environment variable.
|
||||
|
||||
SAML authentication can be enabled by setting USE_MELLON = True, this requires
|
||||
SAML authentication can be enabled by adding 'mellon' to INSTALLED_APPS and
|
||||
'mellon.backends.SAMLBackend' to AUTHENTICATION_BACKENDS, this requires
|
||||
django-mellon to be installed, and further files and settings are required:
|
||||
|
||||
- public and private keys (in cert.pem and key.cert in the current working
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
|
||||
from django.conf import settings
|
||||
from django.contrib.auth import logout as auth_logout
|
||||
from django.contrib.auth import views as auth_views
|
||||
from django.core.exceptions import ObjectDoesNotExist, PermissionDenied
|
||||
from django.http import Http404, HttpResponse, HttpResponseRedirect
|
||||
from django.shortcuts import get_object_or_404, render, resolve_url
|
||||
|
@ -23,8 +24,16 @@ from django.template import RequestContext
|
|||
|
||||
from combo.data.models import CellBase, Page
|
||||
|
||||
|
||||
def login(request, *args, **kwargs):
|
||||
if 'mellon.backends.SAMLBackend' in settings.AUTHENTICATION_BACKENDS:
|
||||
if not 'next' in request.GET:
|
||||
return HttpResponseRedirect(resolve_url('mellon_login'))
|
||||
return HttpResponseRedirect(resolve_url('mellon_login') + '?next=' + request.GET.get('next'))
|
||||
return auth_views.login(request, *args, **kwargs)
|
||||
|
||||
def logout(request, next_page=None):
|
||||
if settings.USE_MELLON:
|
||||
if 'mellon.backends.SAMLBackend' in settings.AUTHENTICATION_BACKENDS:
|
||||
return HttpResponseRedirect(resolve_url('mellon_logout'))
|
||||
auth_logout(request)
|
||||
if next_page is not None:
|
||||
|
|
|
@ -162,9 +162,9 @@ COMBO_PUBLIC_TEMPLATES = {
|
|||
}
|
||||
|
||||
# Authentication settings
|
||||
LOGIN_URL = '/login/'
|
||||
LOGIN_REDIRECT_URL = '/'
|
||||
|
||||
USE_MELLON = False
|
||||
LOGOUT_URL = '/logout/'
|
||||
|
||||
MELLON_ATTRIBUTE_MAPPING = {
|
||||
'username': '{attributes[username][0]}',
|
||||
|
@ -186,9 +186,3 @@ local_settings_file = os.environ.get('COMBO_SETTINGS_FILE',
|
|||
os.path.join(os.path.dirname(__file__), 'local_settings.py'))
|
||||
if os.path.exists(local_settings_file):
|
||||
execfile(local_settings_file)
|
||||
|
||||
if USE_MELLON:
|
||||
INSTALLED_APPS += ('mellon', )
|
||||
AUTHENTICATION_BACKENDS = ('mellon.backends.SAMLBackend', )
|
||||
LOGIN_URL = 'mellon_login'
|
||||
LOGOUT_URL = 'mellon_logout'
|
||||
|
|
|
@ -17,11 +17,10 @@
|
|||
from django.conf import settings
|
||||
from django.conf.urls import patterns, include, url
|
||||
from django.contrib import admin
|
||||
from django.contrib.auth import views as auth_views
|
||||
|
||||
from .urls_utils import decorated_includes, manager_required
|
||||
|
||||
from .public.views import logout
|
||||
from .public.views import login, logout
|
||||
from .manager.urls import urlpatterns as combo_manager_urls
|
||||
|
||||
urlpatterns = patterns('',
|
||||
|
@ -29,8 +28,12 @@ urlpatterns = patterns('',
|
|||
include(combo_manager_urls))),
|
||||
url(r'^admin/', include(admin.site.urls)),
|
||||
url(r'^logout/$', logout, name='auth_logout'),
|
||||
url(r'^login/$', login, name='auth_login'),
|
||||
)
|
||||
|
||||
if 'mellon' in settings.INSTALLED_APPS:
|
||||
urlpatterns += patterns('', url(r'^accounts/mellon/', include('mellon.urls')))
|
||||
|
||||
# static and media files
|
||||
from django.contrib.staticfiles.urls import staticfiles_urlpatterns
|
||||
urlpatterns += staticfiles_urlpatterns()
|
||||
|
@ -38,14 +41,5 @@ urlpatterns += staticfiles_urlpatterns()
|
|||
from django.conf.urls.static import static
|
||||
urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
|
||||
|
||||
if 'mellon' in settings.INSTALLED_APPS:
|
||||
urlpatterns += patterns('',
|
||||
url(r'^accounts/mellon/', include('mellon.urls')),
|
||||
)
|
||||
else:
|
||||
urlpatterns += patterns('',
|
||||
url(r'^accounts/login/$', auth_views.login),
|
||||
)
|
||||
|
||||
# other URLs are handled as public URLs
|
||||
urlpatterns += patterns('', url(r'', include('combo.public.urls')))
|
||||
|
|
Loading…
Reference in New Issue