source: mauRepo/dj_security/trunk/README @ 8794

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/mauRepo/dj_security/trunk/README@8794
Revision 8794, 2.0 KB checked in by mnagni, 6 years ago (diff)

Incomplete - # 22737: [CEDA Site Python Port] Resource Registration - Make Agreement Docs PDFs
 http://team.ceda.ac.uk/trac/ceda/ticket/22737
Incomplete - # 22802: [CEDA Site Python Port] Login - no message is displayed when the user enters the wrong password
 http://team.ceda.ac.uk/trac/ceda/ticket/22802

Line 
1dj_security is a Django based application which should be deployed as
2authentication service. It validates a user identity adding to the
3response a cookie named after the AUTH_TKT parameter generated
4by the paste's authentication module.
5The application assume that a django.User model is used, as consequence inside
6the AUTH_TKT are encoded, inside the user_data parameter, information regarding
7the name, email, user/group roles, etc owned by the authenticated user.
8'user_data' has a JSON encoding format.
9
10In its default configuration it will reply to the incoming requests at path '/login'.
11
12The application contains a few configurable parameters concentrate in settings.py
13
141) SECURITY_SHAREDSECRET (optional, default='sharedsecret') to specify
15the secret key used by the authentication service to encrypt the AUTH_TKT cookie
16
172) the deafult dataset 'DB_xxx' parameters, that is:
18'ENGINE':   'DB_ENGINE',
19'NAME':     'DB_NAME',
20'USER':     'DB_USER',
21'PASSWORD': 'DB_PASSWORD',
22'HOST':     'DB_HOST',
23'PORT':     'DB_PORT',
24
253) NOT_ENCODE: the names in this list will be NOT encoded in the returned cookie
26
274) COOKIE_DOMAIN (optional, default='.rl.ac.uk'): the domain where the AUTH_TKT will belong
28
295) FAKE_RESPONSE (optional): if set to 'True' returns a fake authentication cookies.
30Only for development purposes.
31
326) CC_RESET_PASSWORD (optional, default=[]): the email(s) used to inform a manager(s) that a user
33required to reset his/her password
34
357) REDIRECT_FIELD_NAME (optional, default='r'): the parameter used by the client application
36to specify where redirect the user whenever the authentication succeed
37
388) TOKEN_FIELD_NAME (optional, default='t'): the parameter returned to the client application
39specifying a random generated token for user password reset (it is stored in userdb.tbusers.reset_token)
40
419) AUTH_TKT (optional, default='auth_tkt'): the name of the cookie generated after the authentication succeed
42
43
44----> LOGOUT
45- accountid: if present the LOGOUT button appears
46- home: is used by a {%url home%} to redirect the user after the logout
47
48
49   
Note: See TracBrowser for help on using the repository browser.