0

As a convenience for the users on our internal network, I'm trying to detect their windows user id for a web site. I know it's pretty easy with .Net, but I'd really like to not use .Net. I found this example using PHP and I'd like to do exactly this except in Django.

I'm using Django 1.5.5 and I've been looking for the values in request.meta['HTTP_AUTHORIZE'], but that header doesn't seem to exist.

Relevant section of my settings

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.RemoteUserMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    # Uncomment the next line for simple clickjacking protection:
    # 'django.middleware.clickjacking.XFrameOptionsMiddleware',
)

AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.RemoteUserBackend',
)

And I've added 

WSGIPassAuthorization On

to my apache server, running on linux.

At this point, I'm at a loss of what to do.

Thanks in advance for any help.

robbie
  • 637
  • 1
  • 7
  • 21
  • 1
    That will give me the username of the server, but not the client. Client is what I need. EDIT: os.environ.get("USERNAME") was suggested, but looks like the comment has disappeared. – robbie Apr 17 '14 at 13:51
  • 1
    from the PHP code link you posted we can see that this authentication is called NTLM. googling for "Django NTLM" leads to some answers which may take you further http://stackoverflow.com/a/13970354/202168 – Anentropic Apr 17 '14 at 14:56
  • Additionaly this may help. https://pythonhosted.org/django-auth-ldap/ I did do this one day on a small corporate network and it worked fine. I have to admit that I forgot how I got it done, but you should be able to figure it out from the links. – Roy Prins Apr 17 '14 at 16:19
  • @Anentropic I'm trying that, but it's not working. Seems to stop when sending the 2nd message. Maybe it's a server configuration problem. – robbie Apr 17 '14 at 22:06
  • @RoyPrins I think I want to avoid LDAP if I can. I have no experience with it, but I'm guessing it'll require users to log in and I'd rather just get their username without even authenticating it. My priority is convenience. Maybe I misunderstand how LDAP works though. – robbie Apr 17 '14 at 22:07
  • @Anetropic, you're suggestion gave me the answer I was looking for. Anyway to promote this comment to as an answer? – robbie Apr 22 '14 at 17:53

0 Answers0