Point '^accounts/login/$' or whatever your custom login path is to the 'negotiate_ntlm' view.
This allows you to keep anonymous authentication enabled on IIS and easily lock down just the parts of the site you need to (e.g. admin).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | """auth.py"""
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponse, HttpResponseRedirect
class HttpResponseNotAuthorized(HttpResponse):
status_code = 401
def __init__(self, *args, **kwargs):
HttpResponse.__init__(self, *args, **kwargs)
self['WWW-Authenticate'] = 'NegotiateNTLM'
def negotiate_ntlm(request,
content='You are not authorized to access this website.',
redirect_field_name=REDIRECT_FIELD_NAME):
redirect_to = request.REQUEST.get(redirect_field_name, '/')
if request.user.is_authenticated():
return HttpResponseRedirect(redirect_to)
else:
return HttpResponseNotAuthorized(content)
|
More like this
- Month / Year SelectDateWidget based on django SelectDateWidget by pierreben 2 months, 2 weeks ago
- Python Django CRUD Example Tutorial by tuts_station 3 months ago
- Browser-native date input field by kytta 4 months, 2 weeks ago
- Generate and render HTML Table by LLyaudet 4 months, 4 weeks ago
- My firs Snippets by GutemaG 5 months ago
Comments
Please login first before commenting.