Django FreeIPA Auth is a backend authentication app with a simple server failover solution which can be included in a project's authentication backends. This app communicates with a specified FreeIPA host server and authenticates a user to the django app upon successful freeIPA login.
Detailed documentation is in the "docs" directory.
Install using pip:
pip install django_freeipa_auth
If running on an old version of python without security updates, include the security marker:
pip install django_freeipa_auth[security]
Add "freeipa_auth" to your INSTALLED_APPS setting like this:
INSTALLED_APPS = [ ... 'freeipa_auth', ]
Add "freeipa_auth.backends.FreeIpaRpcAuthBackend" to your AUTHENTICATION_BACKENDS in your settings file like this:
AUTHENTICATION_BACKENDS = [ ... 'freeipa_auth.backends.FreeIpaRpcAuthBackend', ]
Override settings in your settings file like this:
FREEIPA_AUTH_BACKEND_ENABLED = True FREEIPA_AUTH_SERVER = "ipa.foo.com" # defaults to None FREEIPA_AUTH_FAILOVER_SERVER = "ipa.failover.com" # defaults to None FREEIPA_AUTH_SSL_VERIFY = True # this would be the path to the ssl cert used FREEIPA_AUTH_UPDATE_USER_GROUPS = True # defaults to False FREEIPA_AUTH_ALWAYS_UPDATE_USER = True FREEIPA_AUTH_USER_ATTRS_MAP = {"first_name": "givenname", "last_name": "sn", "email": "mail"} 'STAFF_GROUPS': '__all__' # is_staff set to True for all users 'STAFF_GROUPS': [] # is_staff set to False for all users 'STAFF_GROUPS': ["group1", "group2"] # is_staff set to True if user is member of at least one group
- Start the development server and visit http://127.0.0.1:8000/admin/ to login via freeipa rpc authentication.