- Author:
- ungenio41
- Posted:
- July 28, 2010
- Language:
- Python
- Version:
- 1.2
- Tags:
- admin authentication anonymous iis ntlm
- Score:
- 0 (after 0 ratings)
Point '^accounts/login/$' or whatever your custom login path is to the 'negotiate_ntlm' view.
This allows you to keep anonymous authentication enabled on IIS and easily lock down just the parts of the site you need to (e.g. admin).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | """auth.py"""
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponse, HttpResponseRedirect
class HttpResponseNotAuthorized(HttpResponse):
status_code = 401
def __init__(self, *args, **kwargs):
HttpResponse.__init__(self, *args, **kwargs)
self['WWW-Authenticate'] = 'NegotiateNTLM'
def negotiate_ntlm(request,
content='You are not authorized to access this website.',
redirect_field_name=REDIRECT_FIELD_NAME):
redirect_to = request.REQUEST.get(redirect_field_name, '/')
if request.user.is_authenticated():
return HttpResponseRedirect(redirect_to)
else:
return HttpResponseNotAuthorized(content)
|
Comments
Please login first before commenting.