Electronics & Programming

develissimo

Open Source electronics development and programming

  • You are not logged in.
  • Root
  • » Django
  • » Is it possible to log a user into a subdomain, from another domain?? [RSS Feed]

#1 Jan. 27, 2011 11:59:09

P.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

Is it possible to log a user into a subdomain, from another domain??


Hi groups users :)

The thing is. I have one django app serving different sites.

site1.myapp.com
site2.myapp.com

The users login via a 3rd party SSO system which is then
redirected(inkl. a valdiation POST) tohttps://myapp.com/auth/I can only choose one destination for this POST, so it has to be on my
maindomain.

However. since my users all belong to only 1 "site", I would like
myapp.com/auth/ to log the user into the relevant site, ex.
site1.myapp.com or site2.myapp.com and then redirect them to that
site…

I could of course just redirect after receiving the validation POST,
but then I wouldn't be able to use all the informations in this post.

Is this at all possible?? or should i go about this in a totally
different way? :)

I should mention that when it comes to the general usage of the app I
have subdomain middleware to ensure that the users always only visit
the subdomain(and data) that their account is valid for.

The reason I want to use subdomains is to make it simple for the users
to remember their account url, while maintaining the pros of having to
maintain just one django app.

thanks. hope you can help :)

kind regards.

pete

--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.

Offline

#2 Jan. 27, 2011 12:18:58

Tom E.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

Is it possible to log a user into a subdomain, from another domain??


On Thu, Jan 27, 2011 at 11:59 AM, PeteDK <petermoel...@gmail.com> wrote:
> Hi groups users :)
>
> The thing is. I have one django app serving different sites.
>
> site1.myapp.com
> site2.myapp.com
>
> The users login via a 3rd party SSO system which is then
> redirected(inkl. a valdiation POST) tohttps://myapp.com/auth/> I can only choose one destination for this POST, so it has to be on my
> maindomain.
>
> However. since my users all belong to only 1 "site", I would like
> myapp.com/auth/ to log the user into the relevant site, ex.
> site1.myapp.com or site2.myapp.com and then redirect them to that
> site…
>
> I could of course just redirect after receiving the validation POST,
> but then I wouldn't be able to use all the informations in this post.
>
> Is this at all possible?? or should i go about this in a totally
> different way? :)
>
> I should mention that when it comes to the general usage of the app I
> have subdomain middleware to ensure that the users always only visit
> the subdomain(and data) that their account is valid for.
>
> The reason I want to use subdomains is to make it simple for the users
> to remember their account url, while maintaining the pros of having to
> maintain just one django app.
>
> thanks. hope you can help :)
>
> kind regards.
>
> pete
>

If both sites are served by one django application (eg, both sites use
the same db backend), and all your additional sites are subdomains,
simply set your django session cookie on *.domain.com, so that the
session is shared between both site1.domain.com and site2.domain.com.

This way, you don't need any special SSO code, once logged in to one
site, you will be logged in to all.

If that is undesirable - you may want distinct sessions - then I would
implement it like this (ghetto-saml):

At login, set LoggedIn cookie on *.domain.com
Add middleware to *.domain.com that detects anon users with this
cookie, and bounces them to the auth url, along with the requested
path.
Auth handler creates a token (import uuid; uuid.uuid4()), then create
an object in the DB keyed with this token, with the user's username
(or, if not logged in, removes the LoggedIn cookie, and bounces them
back to originator).
Auth handler redirects user back to original website, along with token
in well known parameter
Add middleware to *.domain.com that detects the well known parameter,
retrieves and consumes the stored object with that token, and
authenticates the user. Look at the source for
django.contrib.auth.middleware.RemoteUserMiddleware and
django.contrib.auth.backends.RemoteUserBackend, which do a pretty
similar sort of authentication.

Cheers

Tom

--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.

Offline

#3 Jan. 28, 2011 20:56:36

P.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

Is it possible to log a user into a subdomain, from another domain??


Thanks :)

i used the idead behind remoteuserbackend and coded something
similar :) thanks again!

regards

Pete

--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.

Offline

  • Root
  • » Django
  • » Is it possible to log a user into a subdomain, from another domain?? [RSS Feed]

Board footer

Moderator control

Enjoy the 19th of August
PoweredBy

The Forums are managed by develissimo stuff members, if you find any issues or misplaced content please help us to fix it. Thank you! Tell us via Contact Options
Leave a Message
Welcome to Develissimo Live Support