Python 使用 Django 实现单点登录 (SSO)
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4662348/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Implementing Single Sign On (SSO) using Django
提问by tomrs
I would like to use Django for implementing Single Sign On (SSO) for multiple applications that we currently use. How to implement SSO using Django ?. Are there any Django packages that can be utilized for implementing SSO ?
我想使用 Django 为我们当前使用的多个应用程序实现单点登录 (SSO)。如何使用 Django 实现 SSO?是否有任何可用于实现 SSO 的 Django 包?
Please Help Thank You
请帮忙谢谢
回答by nmichaels
There's OpenIDand openid-auth.
回答by S.Lott
We're using OpenAM. http://forgerock.com/openam.html
我们正在使用 OpenAM。 http://forgerock.com/openam.html
The OpenAM Cookie means that the user is authenticated.
OpenAM Cookie 表示用户已通过身份验证。
An authentication backend for this is pretty simple. Under 50 lines of code.
为此,身份验证后端非常简单。不到 50 行代码。
https://docs.djangoproject.com/en/1.7/topics/auth/customizing/#other-authentication-sources
https://docs.djangoproject.com/en/1.7/topics/auth/customizing/#other-authentication-sources
We wrote a little bit of code that makes a RESTful request to the OpenAM server to get the user, group and role information. We then use the roles to determine the user's authorizations.
我们编写了一些代码,向 OpenAM 服务器发出 RESTful 请求以获取用户、组和角色信息。然后我们使用角色来确定用户的授权。
回答by Mikhail Korobov
Take a look at django-cas-provider+ django-cas-consumer(or django-cas)
回答by karthikr
django-ssois a pretty neat package that implements single signon
django-sso是一个非常简洁的包,它实现了单点登录
回答by Sergey
You may implement SSO as follows:
您可以按如下方式实施 SSO:
- Shibboleth as Identity Provider
- Django website as Service Provider
- Shibboleth 作为身份提供者
- Django 网站作为服务提供者
I've just finished writing detailed guide on my blog: http://codeinpython.blogspot.com/2015/11/how-to-setup-shibboleth-identity.html
我刚刚在我的博客上写了详细的指南:http: //codeinpython.blogspot.com/2015/11/how-to-setup-shibboleth-identity.html
回答by Rockallite
MamaCAS appears to be a good solution. (It has gained 104 stars at the time of writing.)
MamaCAS 似乎是一个很好的解决方案。(在撰写本文时,它已获得 104 颗星。)
https://github.com/jbittel/django-mama-cas
https://github.com/jbittel/django-mama-cas
MamaCAS is a Django Central Authentication Service (CAS) single sign-on and single logout server. It implements the CAS 1.0, 2.0 and 3.0 protocols, including some of the optional features.
CAS is a single sign-on and single logout web protocol that allows a user to access multiple applications after providing their credentials a single time. It utilizes security tickets, unique text strings generated and validated by the server, allowing applications to authenticate a user without direct access to the user's credentials (typically a user ID and password).
MamaCAS 是 Django 中央身份验证服务 (CAS) 单点登录和单点注销服务器。它实现了 CAS 1.0、2.0 和 3.0 协议,包括一些可选功能。
CAS 是一种单点登录和单点注销 Web 协议,允许用户在一次提供凭据后访问多个应用程序。它利用安全票证、由服务器生成和验证的唯一文本字符串,允许应用程序在不直接访问用户凭据(通常是用户 ID 和密码)的情况下对用户进行身份验证。
回答by nu everest
Django Simple SSO is another one.
Django Simple SSO 是另一个。
https://github.com/aldryn/django-simple-sso
https://github.com/aldryn/django-simple-sso
article about how to use this repo a article
一篇关于如何使用这个 repo 的文章
回答by aedry
I have used https://github.com/onelogin/python3-samlwith Azure AD and Google–pretty simple setup with great docs and support.
我已经将https://github.com/onelogin/python3-saml与 Azure AD 和 Google 一起使用——非常简单的设置,有很好的文档和支持。
