Point '^accounts/login/$' or whatever your custom login path is to the 'negotiate_ntlm' view.
This allows you to keep anonymous authentication enabled on IIS and easily lock down just the parts of the site you need to (e.g. admin).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | """auth.py"""
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponse, HttpResponseRedirect
class HttpResponseNotAuthorized(HttpResponse):
status_code = 401
def __init__(self, *args, **kwargs):
HttpResponse.__init__(self, *args, **kwargs)
self['WWW-Authenticate'] = 'NegotiateNTLM'
def negotiate_ntlm(request,
content='You are not authorized to access this website.',
redirect_field_name=REDIRECT_FIELD_NAME):
redirect_to = request.REQUEST.get(redirect_field_name, '/')
if request.user.is_authenticated():
return HttpResponseRedirect(redirect_to)
else:
return HttpResponseNotAuthorized(content)
|
More like this
- Auto upload_to path generator by junaidmgithub 5 hours, 22 minutes ago
- LazyPrimaryKeyRelatedField by LLyaudet 1 week ago
- CacheInDictManager by LLyaudet 1 week ago
- MYSQL Full Text Expression by Bidaya0 1 week, 1 day ago
- Custom model manager chaining (Python 3 re-write) by Spotted1270 2 weeks, 1 day ago
Comments
Please login first before commenting.