I would like to use Django for implementing Single Sign On (SSO) for multiple applications that we currently use. How can I implement this using Django?
The Django authentication system handles both authentication and authorization. Briefly, authentication verifies a user is who they claim to be, and authorization determines what an authenticated user is allowed to do. Here the term authentication is used to refer to both tasks.
Setup. Some settings are always required and some other settings are dependent on how you want to integrate Keycloak in your project. Add django-keycloak to your installed apps, add the authentication back-end, add the middleware, configure the URLs and point to the correct login page.
In many developer websites, we get to see Google social authentication which is very handy. In this article, we will see how to create a Django Google login project. First, go to https://console.cloud.google.com/apis/dashboard and create a project. Go to the OAuth consent screen, create a screen, and save & continue.
We're using OpenAM. http://forgerock.com/openam.html
The OpenAM Cookie means that the user is authenticated.
An authentication backend for this is pretty simple. Under 50 lines of code.
https://docs.djangoproject.com/en/3.1/topics/auth/customizing/#other-authentication-sources
We wrote a little bit of code that makes a RESTful request to the OpenAM server to get the user, group and role information. We then use the roles to determine the user's authorizations.
MamaCAS appears to be a good solution. (It has gained 104 stars at the time of writing.)
https://github.com/jbittel/django-mama-cas
MamaCAS is a Django Central Authentication Service (CAS) single sign-on and single logout server. It implements the CAS 1.0, 2.0 and 3.0 protocols, including some of the optional features.
CAS is a single sign-on and single logout web protocol that allows a user to access multiple applications after providing their credentials a single time. It utilizes security tickets, unique text strings generated and validated by the server, allowing applications to authenticate a user without direct access to the user's credentials (typically a user ID and password).
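The ticket mechanism described above, as an added example that is not part of the original answer and not MamaCAS code: a toy in-memory store showing the three properties that make a CAS service ticket safe to pass through the browser (single use, bound to one service URL, short-lived). The class name, service URLs and lifetime value are hypothetical, chosen for the example.

```python
import secrets
import time

TICKET_TTL = 10  # seconds; constructed value for this example


class TicketStore:
    """Toy CAS-style service-ticket store (hypothetical, in memory only)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._tickets = {}  # ticket -> (username, service, expires_at)

    def issue(self, username, service):
        # "ST-" is the CAS prefix for service tickets; the rest is random,
        # so the ticket cannot be guessed and carries no credentials.
        ticket = "ST-" + secrets.token_urlsafe(32)
        self._tickets[ticket] = (username, service, self._clock() + TICKET_TTL)
        return ticket

    def validate(self, ticket, service):
        # pop() makes the ticket single-use: any validation attempt,
        # successful or not, invalidates it.
        entry = self._tickets.pop(ticket, None)
        if entry is None:
            return None
        username, issued_for, expires_at = entry
        if self._clock() > expires_at:
            return None
        # A ticket issued for one application must not work for another.
        if service != issued_for:
            return None
        return username


def demo():
    now = [0.0]  # fake clock so the expiry case runs instantly
    store = TicketStore(clock=lambda: now[0])
    app1, app2 = "https://app1.example/login", "https://app2.example/login"
    results = {}
    st = store.issue("alice", app1)
    results["first_use"] = store.validate(st, app1)
    results["replay"] = store.validate(st, app1)
    results["wrong_service"] = store.validate(store.issue("alice", app1), app2)
    st = store.issue("alice", app1)
    now[0] += TICKET_TTL + 1
    results["expired"] = store.validate(st, app1)
    return results


if __name__ == "__main__":
    print(demo())
```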
Take a look at django-cas-provider + django-cas-consumer (or django-cas)
django-sso is a pretty neat package that implements single sign-on.
Django Simple SSO is another one.
https://github.com/aldryn/django-simple-sso
article about how to use this repo a article
You may implement SSO as follows:
I've just finished writing a detailed guide on my blog: http://codeinpython.blogspot.com/2015/11/how-to-setup-shibboleth-identity.html
CAS (Central Authentication Service) is a good solution that supports SSO (Single Sign-On) and Single Logout (SLO) for Django and Flask. Here is a setup instruction to have a CAS server and multiple clients with the same login/logout:
[NOTE]:
[UPDATE]:
SESSION_COOKIE_NAME in order to make distinguishable sessions to avoid conflicts at login/logout. In Django, you should add the following line in the settings.py for each Django client:
SESSION_COOKIE_NAME = 'client1_sess'
I have used https://github.com/onelogin/python3-saml with Azure AD and Google–pretty simple setup with great docs and support.