def process_request(self, request):
# SESSION_KEY = '_auth_user_id'
# BACKEND_SESSION_KEY = '_auth_user_backend'
token = request.GET.get('token', False)
token_id = request.GET.get('id', False)
timestamp = request.GET.get('timestamp', False)
if token and token_id and timestamp:
logging.debug('SSO: user %s login attempt via SSO in with timestamp %s and token %s \n' % (
token_id, timestamp, token))
if self.check_token(token, token_id, timestamp):
# everything passed, authenticate user
logging.debug('SSO: user %s token and timestamp pass \n' % token_id)
logging.debug('SSO: Attempting to authenticate as %s \n' % token_id)
try:
user = self.authenticate(token_id)
except Exception as e:
logging.debug('SSO: user %s does not exist, trying to create \n' % token_id)
rooibos_LDAP.new_account_from_ldap(token_id)
if user.username == token_id:
try:
# THIS WAS THE KEY TO IT WORKING
user.backend = settings.SSO_BACKEND
login(request, user)
logging.debug('SSO: process_request - user.backend = %s' % user.backend)
#return None
#logging.debug(user.last_login)
# logging.debug(request.session['_auth_user_id'])
# logging.debug(request.session['_auth_user_backend'])
except Exception:
raise
def endimpersonation(request):
if request.session.has_key(IMPERSONATION_REAL_USER_SESSION_KEY):
realusername = request.session.get(IMPERSONATION_REAL_USER_SESSION_KEY)
del request.session[IMPERSONATION_REAL_USER_SESSION_KEY]
user = User.objects.get(username=realusername)
user.backend = "django.contrib.auth.backends.ModelBackend"
login(request, user)
def process_request(self, request):
# SESSION_KEY = '_auth_user_id'
# BACKEND_SESSION_KEY = '_auth_user_backend'
token = request.GET.get('token', False)
token_id = request.GET.get('id', False)
timestamp = request.GET.get('timestamp', False)
if token and token_id and timestamp:
# logging.debug(
# 'SSO: user %s login attempt via SSO in with timestamp %s and token %s \n' % (
# token_id, timestamp, token))
if self.check_token(token, token_id, timestamp):
# everything passed, authenticate user
#logging.debug('SSO: user %s token and timestamp pass \n' % token_id)
#logging.debug('SSO: Attempting to authenticate as %s \n' % token_id)
user = self.authenticate(token_id)
if user.username == token_id:
try:
# THIS WAS THE KEY TO IT WORKING
user.backend = settings.SSO_BACKEND
login(request, user)
logging.debug('SSO: process_request - user.backend = %s' % user.backend)
#logging.debug(user.last_login)
# logging.debug(request.session['_auth_user_id'])
# logging.debug(request.session['_auth_user_backend'])
except Exception:
raise
def call_proxy_url(request, uuid):
context = request.GET.get('context')
ip = IP(request.META['REMOTE_ADDR'])
for subnet in TrustedSubnet.objects.all():
if ip in IP(subnet.subnet):
break
else:
return HttpResponseForbidden()
proxy_url = get_object_or_404(
ProxyUrl.objects.filter(uuid=uuid, context=context, subnet=subnet))
proxy_url.last_access = datetime.now()
proxy_url.save()
view, args, kwargs = resolve(proxy_url.url)
user = proxy_url.user
user.backend = proxy_url.user_backend or settings.AUTHENTICATION_BACKENDS[0]
login(request, user)
request.proxy_url = proxy_url
kwargs['request'] = request
return view(*args, **kwargs)
def endimpersonation(request):
if request.session.has_key(IMPERSONATION_REAL_USER_SESSION_KEY):
realusername = request.session.get(IMPERSONATION_REAL_USER_SESSION_KEY)
del request.session[IMPERSONATION_REAL_USER_SESSION_KEY]
user = User.objects.get(username=realusername)
user.backend = "django.contrib.auth.backends.ModelBackend"
login(request, user)
def process_request(self, request):
if request.META.has_key('HTTP_AUTHORIZATION') and not request.user.is_authenticated():
user = basic_authenticate(request.META['HTTP_AUTHORIZATION'])
if user is None:
return basic_challenge()
else:
login(request, user)
request.session['unsafe_logout'] = True
def process_request(self, request):
if request.META.has_key('HTTP_AUTHORIZATION') and not request.user.is_authenticated():
user = basic_authenticate(request.META['HTTP_AUTHORIZATION'])
if user is None:
return basic_challenge()
else:
login(request, user)
request.session['unsafe_logout'] = True
def impersonate(request, username):
realusername = request.session.get(IMPERSONATION_REAL_USER_SESSION_KEY) or request.user.username
if not can_impersonate(realusername, username):
raise PermissionDenied
user = User.objects.get(username=username)
user.backend = "django.contrib.auth.backends.ModelBackend"
login(request, user)
request.session[IMPERSONATION_REAL_USER_SESSION_KEY] = realusername
signals.user_impersonated.send(sender=None, user=user)
logging.debug("Sent user impersonated signal (%s)" % signals.user_impersonated)
def impersonate(request, username):
realusername = request.session.get(IMPERSONATION_REAL_USER_SESSION_KEY) or request.user.username
if not can_impersonate(realusername, username):
raise PermissionDenied
user = User.objects.get(username=username)
user.backend = "django.contrib.auth.backends.ModelBackend"
login(request, user)
request.session[IMPERSONATION_REAL_USER_SESSION_KEY] = realusername
signals.user_impersonated.send(sender=None, user=user)
logging.debug("Sent user impersonated signal (%s)" % signals.user_impersonated)
def call_proxy_url(request, uuid):
context = request.GET.get('context')
ip = IP(request.META['REMOTE_ADDR'])
for subnet in TrustedSubnet.objects.all():
if ip in IP(subnet.subnet):
break
else:
return HttpResponseForbidden()
proxy_url = get_object_or_404(ProxyUrl.objects.filter(uuid=uuid, context=context, subnet=subnet))
proxy_url.last_access = datetime.now()
proxy_url.save()
view, args, kwargs = resolve(proxy_url.url)
user = proxy_url.user
user.backend = proxy_url.user_backend or settings.AUTHENTICATION_BACKENDS[0]
login(request, user)
request.proxy_url = proxy_url
kwargs['request'] = request
return view(*args, **kwargs)
