Since the very beginning of the Django based social web pages at KTH known as KTH Social we’ve been using a private copy of the django_cas module to integrate with our Jasig CAS single sign on web authentication system.
The problem with the original django_cas project was mostly that it did not support proxy authentication, a mechanism by which a web application can authenticate to backend web services on the behalf of a user in a secure manner, and which we needed. So I implemented this and provided a patch to the django_cas maintainers. It was never integrated. Actually, some of the documentation was but not the code, which seemed, uhm…, weird.
It became obvious that development of django_cas was slow, when there was any at all, and focused on maintaining status quo. The code supports very old versions of CAS, Python and Django and new features don’t get integrated. This was also true of the single sign out patch developed by another user which we also needed.
Eventually, the repository was moved to a new site at which point the provided patches were lost and I got tired of it.
Hence django_cas2, the all new and shiny django_cas module now available on github.
It is mainly a drop in replacement which is why I haven’t changed the project name, at least for the time being. If someone comes up with a brilliant new project name, involving CAS and Django in some manner, I will reconsider, try to get the project into the python package index and take the hit on deployment of our production system with some South magic.
The new module is refactorized with a rather heavy hand and requires reasonably new versions of CAS, Python and Django. It supports the CAS 2.0 protocol only and is verified to work with at least Django 1.4.1 and Python 2.6.6 and 2.7.2. Other versions may work but are not tested. It is originally based on django_cas 2.0.3 but the very few real changes since then have been integrated as far as I know.
New features not available in the original django_cas module include:
- Proxy authentication.
- Single sign out.
- Support for enforcing new username and password entry to login (renew).
- Support for not creating new users on authentication success.
- Removed Django messaging from the module.
Clone, hack away and remember to send me a pull request when you are done and I’ll look into it.