Skip to content

Instantly share code, notes, and snippets.

@tathamoddie

tathamoddie/_.md

Created October 30, 2012 02:36
Show Gist options
  • Save tathamoddie/3977979 to your computer and use it in GitHub Desktop.
Save tathamoddie/3977979 to your computer and use it in GitHub Desktop.
Download ZIP
Configuring OSQA to use Integrated Windows Authentication on IIS7
Raw
_.md

This post assumes you have deployed it via Microsoft Web Platform Installer and http://www.helicontech.com/zoo/, and that it's already running.

  1. Disable Anonymous Authentication

  2. Enable Windows Authentication

  3. In settings.py, add these two middleware layers:

     django.contrib.auth.middleware.AuthenticationMiddleware
 django.contrib.auth.middleware.RemoteUserMiddleware

    Add them between SessionMiddleware and CommonMiddleware, so the full list looks like this:

     MIDDLEWARE_CLASSES = [
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.middleware.csrf.CsrfResponseMiddleware',
     'forum.middleware.django_cookies.CookiePreHandlerMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.auth.middleware.RemoteUserMiddleware',
     'django.middleware.common.CommonMiddleware',
     'forum.middleware.extended_user.ExtendedUser',
     'forum.middleware.anon_user.ConnectToSessionMessagesMiddleware',
     'forum.middleware.request_utils.RequestUtils',
     'forum.middleware.cancel.CancelActionMiddleware',
     'forum.middleware.admin_messages.AdminMessagesMiddleware',
     'forum.middleware.custom_pages.CustomPagesFallbackMiddleware',
     'django.middleware.transaction.TransactionMiddleware',
     'forum.middleware.django_cookies.CookiePostHandlerMiddleware',
 ]

  4. Still in settings.py, replace AUTHENTICATION_BACKENDS with:

     AUTHENTICATION_BACKENDS = ['django.contrib.auth.backends.RemoteUserBackend',]

  5. Replace forum\middleware\extended_user.py with the file in this gist to allow new users to be provisioned automatically

Raw
extended_user.py
from django.contrib.auth.middleware import AuthenticationMiddleware
from django.contrib.auth import logout
from forum.models.user import User, AnonymousUser
from forum.views.auth import forward_suspended_user
import logging
import re
class ExtendedUser(AuthenticationMiddleware):
def process_request(self, request):
super(ExtendedUser, self).process_request(request)
if request.user.is_authenticated():
try:
request.user = request.user.user
if request.user.is_suspended():
user = request.user
logout(request)
return forward_suspended_user(request, user)
return None
except User.DoesNotExist:
username = re.sub('^.*?\\\\', '', request.META['REMOTE_USER'])
osqa_user = User(username=username, email='', user_ptr_id=request.user.pk)
osqa_user.save()
request.user = osqa_user
return None
except Exception, e:
import traceback
logging.error("Unable to convert auth_user %s to forum_user: \\n%s" % (
request.user.id, traceback.format_exc()
))
return None
request.user = AnonymousUser()
return None
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment