blocks|key|5652971|text|我们正在使用OpenAM。http://forgerock.com/openam.html|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|5652972|OpenAM+Cookie表示用户已通过身份验证。|5652973|这方面的身份验证后端非常简单。不到50行代码。|5652974|https://docs.djangoproject.com/en/3.1/topics/auth/customizing/#other-authentication-sources|5652975|我们编写了一些代码，向OpenAM服务器发出RESTful请求以获取用户、组和角色信息。然后，我们使用角色来确定用户的授权。|5652976|entityMap|0|LINK|mutability|MUTABLE|url|http://forgerock.com/openam.html|1^0|D|W|0|0|0|0|0|2J|1|0|0^^$0|@$1|2|3|4|5|6|7|U|8|@]|9|@$A|V|B|W|1|X]]|C|$]]|$1|D|3|E|5|6|7|Y|8|@]|9|@]|C|$]]|$1|F|3|G|5|6|7|Z|8|@]|9|@]|C|$]]|$1|H|3|I|5|6|7|10|8|@]|9|@$A|11|B|12|1|13]]|C|$]]|$1|J|3|K|5|6|7|14|8|@]|9|@]|C|$]]|$1|L|3|-4|5|6|7|15|8|@]|9|@]|C|$]]]|M|$N|$5|O|P|Q|C|$R|S]]|T|$5|O|P|Q|C|$R|I]]]]

We're using OpenAM. <a href="http://forgerock.com/openam.html" rel="nofollow noreferrer">http://forgerock.com/openam.html</a>
The OpenAM Cookie means that the user is authenticated.
An authentication backend for this is pretty simple. Under 50 lines of code.
<a href="https://docs.djangoproject.com/en/3.1/topics/auth/customizing/#other-authentication-sources" rel="nofollow noreferrer">https://docs.djangoproject.com/en/3.1/topics/auth/customizing/#other-authentication-sources</a>
We wrote a little bit of code that makes a RESTful request to the OpenAM server to get the user, group and role information. We then use the roles to determine the user's authorizations.

blocks|key|1679539|text|MamaCAS似乎是一个很好的解决方案。(在我写这篇文章时，它已经获得了104颗星。)|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1679540|https://github.com/jbittel/django-mama-cas|offset|length|1679541|Django+MamaCAS是Django中央身份验证服务(+|1679542|+)单点登录和单点注销服务器。它实现了CAS+1.0、2.0和3.0协议，包括一些可选功能。|blockquote|1679543|1679544|CAS是一种单点登录和单点注销web协议，允许用户在提供其凭据后访问多个应用程序。它利用安全票证，即由服务器生成和验证的唯一文本字符串，允许应用程序在不直接访问用户凭据(通常是用户ID和密码)的情况下对用户进行身份验证。|1679545|entityMap|0|LINK|mutability|MUTABLE|url^0|0|0|16|0|0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|U|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|V|8|@]|9|@$D|W|E|X|1|Y]]|A|$]]|$1|F|3|G|5|6|7|Z|8|@]|9|@]|A|$]]|$1|H|3|I|5|J|7|10|8|@]|9|@]|A|$]]|$1|K|3|-4|5|6|7|11|8|@]|9|@]|A|$]]|$1|L|3|M|5|6|7|12|8|@]|9|@]|A|$]]|$1|N|3|-4|5|6|7|13|8|@]|9|@]|A|$]]]|O|$P|$5|Q|R|S|A|$T|C]]]]

MamaCAS appears to be a good solution. (It has gained 104 stars at the time of writing.)
<a href="https://github.com/jbittel/django-mama-cas" rel="noreferrer">https://github.com/jbittel/django-mama-cas</a>
<blockquote>
MamaCAS is a Django Central Authentication Service (CAS) single sign-on and single logout server. It implements the CAS 1.0, 2.0 and 3.0 protocols, including some of the optional features.
CAS is a single sign-on and single logout web protocol that allows a user to access multiple applications after providing their credentials a single time. It utilizes security tickets, unique text strings generated and validated by the server, allowing applications to authenticate a user without direct access to the user's credentials (typically a user ID and password).
</blockquote>

blocks|key|2123981|text|看看django-cas-provider+%2B+django-cas-consumer+(或django-cas)|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|2123982|entityMap|0|LINK|mutability|MUTABLE|url|https://github.com/Nitron/django-cas-provider|1|https://github.com/Nitron/django-cas-consumer|2|https://bitbucket.org/cpcc/django-cas/overview^0|2|J|0|O|J|1|1A|A|2|0^^$0|@$1|2|3|4|5|6|7|P|8|@]|9|@$A|Q|B|R|1|S]|$A|T|B|U|1|V]|$A|W|B|X|1|Y]]|C|$]]|$1|D|3|-4|5|6|7|Z|8|@]|9|@]|C|$]]]|E|$F|$5|G|H|I|C|$J|K]]|L|$5|G|H|I|C|$J|M]]|N|$5|G|H|I|C|$J|O]]]]

Take a look at <a href="https://github.com/Nitron/django-cas-provider" rel="nofollow noreferrer">django-cas-provider</a> + <a href="https://github.com/Nitron/django-cas-consumer" rel="nofollow noreferrer">django-cas-consumer</a> (or <a href="https://bitbucket.org/cpcc/django-cas/overview" rel="nofollow noreferrer">django-cas</a>)

blocks|key|1679504|text|django-sso是一个非常简洁的包，它实现了单点登录|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|1679505|entityMap|0|LINK|mutability|MUTABLE|url|http://code.google.com/p/django-sso/^0|0|A|0|0^^$0|@$1|2|3|4|5|6|7|L|8|@]|9|@$A|M|B|N|1|O]]|C|$]]|$1|D|3|-4|5|6|7|P|8|@]|9|@]|C|$]]]|E|$F|$5|G|H|I|C|$J|K]]]]

<a href="http://code.google.com/p/django-sso/" rel="noreferrer">django-sso</a> is a pretty neat package that implements single signon

blocks|key|2124101|text|Django简单单点登录是另一个。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|2124102|https://github.com/aldryn/django-simple-sso|offset|length|2124103|有关如何使用此repo+a+article的文章|2124104|entityMap|0|LINK|mutability|MUTABLE|url|1|https://micropyramid.com/blog/django-single-sign-on-sso-to-multiple-applications/^0|0|0|17|0|0|C|9|1|0^^$0|@$1|2|3|4|5|6|7|Q|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|R|8|@]|9|@$D|S|E|T|1|U]]|A|$]]|$1|F|3|G|5|6|7|V|8|@]|9|@$D|W|E|X|1|Y]]|A|$]]|$1|H|3|-4|5|6|7|Z|8|@]|9|@]|A|$]]]|I|$J|$5|K|L|M|A|$N|C]]|O|$5|K|L|M|A|$N|P]]]]

Django Simple SSO is another one.

<a href="https://github.com/aldryn/django-simple-sso" rel="nofollow noreferrer">https://github.com/aldryn/django-simple-sso</a>

article about how to use this repo
<a href="https://micropyramid.com/blog/django-single-sign-on-sso-to-multiple-applications/" rel="nofollow noreferrer">a article</a>

blocks|key|2124030|text|您可以按如下方式实现SSO：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|2124031|2124032|Shibboleth作为身份提供商|unordered-list-item|2124033|Django网站作为服务提供商|2124034|2124035|我刚刚在我的博客上写完了详细的指南：http://codeinpython.blogspot.com/2015/11/how-to-setup-shibboleth-identity.html|offset|length|2124036|entityMap|0|LINK|mutability|MUTABLE|url|http://codeinpython.blogspot.com/2015/11/how-to-setup-shibboleth-identity.html^0|0|0|0|0|0|I|26|0|0^^$0|@$1|2|3|4|5|6|7|U|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|V|8|@]|9|@]|A|$]]|$1|C|3|D|5|E|7|W|8|@]|9|@]|A|$]]|$1|F|3|G|5|E|7|X|8|@]|9|@]|A|$]]|$1|H|3|-4|5|6|7|Y|8|@]|9|@]|A|$]]|$1|I|3|J|5|6|7|Z|8|@]|9|@$K|10|L|11|1|12]]|A|$]]|$1|M|3|-4|5|6|7|13|8|@]|9|@]|A|$]]]|N|$O|$5|P|Q|R|A|$S|T]]]]

You may implement SSO as follows: 

<ul>
<li>Shibboleth as Identity Provider </li>
<li>Django website as Service Provider</li>
</ul>

I've just finished writing detailed guide on my blog: <a href="http://codeinpython.blogspot.com/2015/11/how-to-setup-shibboleth-identity.html" rel="nofollow">http://codeinpython.blogspot.com/2015/11/how-to-setup-shibboleth-identity.html</a>

blocks|key|4235650|text|CAS+(中央认证服务)是一个很好的解决方案，它支持Django和Flask的SSO+(单点登录)和单点注销(SLO)。以下是使用相同登录/注销的CAS服务器和多个客户端的设置说明：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|4235651|Django|4235652|需要一个CAS客户端，所以我使用了名为django-cas-ng+package和here+is+its+configuration的新一代Django-CAS来制作您自己的客户端。(另外，这里需要一个pre-configured+client+repo)|unordered-list-item|offset|length|4235653|
|4235654|A归档存储服务器，所以我使用了pre-configured+repo.|4235655|4235656|4235657|笔记|style|BOLD|4235658|4235659|它支持Django+1.11、2.x、3.x|4235660|4235661|4235662|更新|4235663|4235664|还值得一提的是，您必须更改默认客户端的SESSION_COOKIE_NAME，以便创建可区分的会话，以避免在登录/注销时发生冲突。在Django中，您应该在每个Django客户机的settings.py中添加以下行：|CODE|4235665|4235666|SESSION_COOKIE_NAME+=+'client1_sess'|code-block|syntax|javascript|4235667|entityMap|0|LINK|mutability|MUTABLE|url|https://github.com/django-cas-ng/django-cas-ng|1|https://djangocas.dev/blog/django-cas-ng-example-project/|2|https://github.com/django-cas-ng/example|3|https://github.com/django-cas-ng/demo-cas-server^0|0|0|J|L|0|15|P|1|2T|Q|2|0|0|F|J|3|0|0|0|0|2|0|0|0|0|0|0|0|J|J|2I|B|0|0|0^^$0|@$1|2|3|4|5|6|7|1N|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|1O|8|@]|9|@]|A|$]]|$1|D|3|E|5|F|7|1P|8|@]|9|@$G|1Q|H|1R|1|1S]|$G|1T|H|1U|1|1V]|$G|1W|H|1X|1|1Y]]|A|$]]|$1|I|3|J|5|6|7|1Z|8|@]|9|@]|A|$]]|$1|K|3|L|5|F|7|20|8|@]|9|@$G|21|H|22|1|23]]|A|$]]|$1|M|3|-4|5|6|7|24|8|@]|9|@]|A|$]]|$1|N|3|-4|5|6|7|25|8|@]|9|@]|A|$]]|$1|O|3|P|5|6|7|26|8|@$G|27|H|28|Q|R]]|9|@]|A|$]]|$1|S|3|-4|5|6|7|29|8|@]|9|@]|A|$]]|$1|T|3|U|5|F|7|2A|8|@]|9|@]|A|$]]|$1|V|3|-4|5|6|7|2B|8|@]|9|@]|A|$]]|$1|W|3|-4|5|6|7|2C|8|@]|9|@]|A|$]]|$1|X|3|Y|5|6|7|2D|8|@]|9|@]|A|$]]|$1|Z|3|-4|5|6|7|2E|8|@]|9|@]|A|$]]|$1|10|3|11|5|F|7|2F|8|@$G|2G|H|2H|Q|12]|$G|2I|H|2J|Q|12]]|9|@]|A|$]]|$1|13|3|-4|5|6|7|2K|8|@]|9|@]|A|$]]|$1|14|3|15|5|16|7|2L|8|@]|9|@]|A|$17|18]]|$1|19|3|-4|5|6|7|2M|8|@]|9|@]|A|$]]]|1A|$1B|$5|1C|1D|1E|A|$1F|1G]]|1H|$5|1C|1D|1E|A|$1F|1I]]|1J|$5|1C|1D|1E|A|$1F|1K]]|1L|$5|1C|1D|1E|A|$1F|1M]]]]

CAS (Central Authentication Service) is a good solution that supports SSO (Single Sign-On) and Single Logout (SLO) for Django and Flask. Here is a setup instruction to have a CAS server and multiple clients with the same login/logout:
<ol>
<li>A CAS-Client is needed so I used the new generation of Django-CAS called <a href="https://github.com/django-cas-ng/django-cas-ng" rel="nofollow noreferrer">django-cas-ng package</a> and <a href="https://djangocas.dev/blog/django-cas-ng-example-project/" rel="nofollow noreferrer">here is its configuration</a> to make your own client. (Also, here is a <a href="https://github.com/django-cas-ng/example" rel="nofollow noreferrer">pre-configured client repo</a>)</li>
<li>A CAS-Server is needed so I used a <a href="https://github.com/django-cas-ng/demo-cas-server" rel="nofollow noreferrer">pre-configured repo</a>.</li>
</ol>
<hr />
[NOTE]:
<ul>
<li>It supports Django 1.11, 2.x, 3.x</li>
</ul>
<hr />
[UPDATE]:
<ul>
<li>It's also worth mentioning that, you have to change the default clients' <code>SESSION_COOKIE_NAME</code> in order to make distinguishable sessions to avoid conflicts at login/logout. In Django, you should add the following line in the <code>settings.py</code> for each Django client:</li>
</ul>
<pre class="lang-py prettyprint-override"><code>SESSION_COOKIE_NAME = 'client1_sess'
</code></pre>

blocks|key|5653144|text|我在Azure+AD和谷歌上使用过https://github.com/onelogin/python3-saml+--非常简单的设置，有很好的文档和支持。|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|5653145|entityMap|0|LINK|mutability|MUTABLE|url|https://github.com/onelogin/python3-saml^0|H|14|0|0^^$0|@$1|2|3|4|5|6|7|L|8|@]|9|@$A|M|B|N|1|O]]|C|$]]|$1|D|3|-4|5|6|7|P|8|@]|9|@]|C|$]]]|E|$F|$5|G|H|I|C|$J|K]]]]

I have used <a href="https://github.com/onelogin/python3-saml" rel="nofollow noreferrer">https://github.com/onelogin/python3-saml</a> with Azure AD and Google–pretty simple setup with great docs and support.

I would like to use Django for implementing Single Sign On (SSO) for multiple applications that we currently use. How can I implement this using Django?

Implementing Single Sign On (SSO) using Django

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

教程

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云智能顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

EdgeOne AI 安全实战专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云AI代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

功能1上新10个字符

功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符。

功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符。

功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符

功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符

功能4上新

文章&问答评论现已支持表情

全新交互，全新视觉，新增快捷键、悬浮工具栏、高亮块等功能并同时优化现有功能，全面提升创作效率和体验

社区富文本编辑器全新改版！诚邀体验～ 

精选全网热门MCP server，让你的AI更好用 🚀

💥开发者 MCP广场重磅上线！

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

一站式MCP教程库，解锁AI应用新玩法

聚焦“写作效率、视觉美观与运行性能”三方面进行全面升级，为您提供更高效、稳定的创作环境

社区富文本&Markdown编辑器全新改版上线，欢迎大家体验!

诚挚邀请您参与本次调研，分享您的真实使用感受与建议。您的反馈至关重要，感谢您的支持与参与！

社区新版编辑器体验调研

我想使用Django为我们当前使用的多个应用程序实现单点登录(SSO)。如何使用Django实现此功能？

问使用Django实现单点登录(SSO)
EN

回答 8

Stack Overflow用户

Stack Overflow用户

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问使用Django实现单点登录(SSO)EN

回答 8

Stack Overflow用户

Stack Overflow用户

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问使用Django实现单点登录(SSO)
EN