= Multiple Authentication Backends = Multiple authentication backends are now possible on the multi-auth branch. To get a copy, execute the following: {{{svn co http://code.djangoproject.com/svn/django/branches/multi-auth}}} The documentation has been updated and can be found here: http://code.djangoproject.com/browser/django/branches/multi-auth/docs/authentication.txt If you have problems, or the docs are unclear, please post your questions to the django-users or django-developers list. ''Note: For those paying attention to this proposal, credential plugins have been completely removed. While useful for some applications, the added complexity just wasn't worth it.'' ---- Start: Added by a relative newbie on May 12, 2006 Note: In the multi-auth branch (2892), you need to set AUTHENTICATION_BACKENDS to a tuple, similar to MULTIAUTH_BACKENDS above. the {{{authenticate}}} method looks for this setting in your settings.py file. I have it working and all I have is: {{{ #!python AUTHENTICATION_BACKENDS = ( "django.contrib.auth.copy_of_backends.LDAPBackend", ) }}} I made a copy of contrib.auth.backends so the svn can update it without overwriting my LDAPBackend class. Don't know if that is the best way to do it or not, but it works. ''I recommend you put it someplace like {{{myapp.auth.LDAPBackend}}}. Maintianing patches to Django is going to be a PITA. --Joseph Kocherhans'' I also hacked the contrib.auth.models file to change the check_password function to check against our LDAP server, and added a few small functions to check the type of user account. I know this will break next time I update the source, but I have a copy of that as well. There is surely a better way, but I'm still learning. ''You shouldn't have to hack the {{{check_password}}} function at all. It isn't called directly by Django's views anymore... only indirectly via {{{django.contrib.auth.backends.ModelBacked}}}, which you aren't using. -Joseph Kocherhans'' End of newbie addition ---- === sample LDAPBackend class === From the same newbie as above on May 12, 2006 This is located in the contrib/auth/copy_of_backends.py file. The two original models are still in the file as well. I just added this one in the middle. {{{ #!python class LDAPBackend: """ Authenticate against our LDAP Database """ def authenticate(self, username=None, password=None): # bind and see if the user exists if ldap.userExists(username): # user exists in our LDAP, see if they exist in Django # if not, add them to django's user database since django relies on that try: user = User.objects.get(username=username) if ldap.check_ldap_password(username, password): return user except User.DoesNotExist: # get the first name, last name, email from ldap u = ldap.getUser(username) # get user attributes here as well, like mail, fname, lname user = User(username=username, password='getmefromldap') user.email = mail user.first_name = fname user.last_name = lname user.is_staff = False user.is_superuser = False user.save() return user else: return None def get_user(self, user_id): try: return User.objects.get(pk=user_id) except User.DoesNotExist: return None }}} And it worked! I was able to logon as a user who had no entry in Django, and then it added my entry and away I went. Pretty nice stuff.