skip to navigation
skip to content

django-auth-pubtkt 1.1.2

Implementation of mod_auth_pubtkt as Django middleware

Latest Version: 2.0.1


Author: Alexander Vyushkov

Implementation of mod_auth_pubtkt: a pragmatic Web Single Sign-On (SSO) solution as Django middleware. This version was tested on Python == 2.7, Django == 1.5

Please refer to for additional details.


django-auth-pubtkt uses M2Crypto library. Installation instructions for different platforms are below. When M2Crypto is installed, django-auth-pubtkt can be installed using pip pip install django-auth-pubtkt or using setuptools ./ install


Use binary package available on


Fedora Core (and RedHat, CentOS etc.) have made changes to OpenSSL configuration compared to many other Linux distributions. If you can not build M2Crypto normally, try the script included with M2Crypto sources.

pip install –download=/tmp M2Crypto==0.21.1 cd /tmp tar -zxf /tmp/M2Crypto-0.21.1.tar.gz cd M2Crypto-0.21.1 ./ install python test

Note that test is required in some cases to fix “ImportError: No module named __m2crypto” error. lease refer to for additional details


Add ‘django_auth_pubtkt.DjangoAuthPubtkt’ to MIDDLEWARE_CLASSES Change LOGIN_URL to “/sso/” Set TKT_AUTH_LOGIN_URL to the address of SSO login page Add piece of code below to from django_auth_pubtkt.views import redirect_to_sso url(‘^sso/’, redirect_to_sso),

OR Change LOGIN_URL to the address of SSO login page Configure your SSO to use ‘next’ as redirect field name or use @method_decorator(login_required(redirect_field_name=”back”))

Configuration variables (

TKT_AUTH_PUBLIC_KEY Default: None Filename of DSA public key in .pem format. It is used to verify ticket signature.

TKT_AUTH_COOKIE_NAME Default: “auth_pubtkt” Name of the authentication cookie to use.

TKT_AUTH_USE_GROUPS Default: False Treat tokens as group names. Create groups if they don’t exist yet.

TKT_AUTH_LOGIN_URL Default: None URL that users without a valid ticket will be redirected to

TKT_AUTH_BACK_ARG_NAME Default: “back” Name of the GET argument with the originally requested URL (when redirecting to the login page)

TKT_AUTH_ANONYMOUS_USER Default: True Add AnonymousUser object if no auth_pubtkt cookie is found. If set, django_auth_pubtkt can be used as a replacement to AuthenticationMiddleware. If disabled, AuthenticationMiddleware and django_auth_pubtkt can be used together.

File Type Py Version Uploaded on Size
django-auth-pubtkt-1.1.2.win32.exe (md5) MS Windows installer any 2014-02-02 203KB (md5) Source 2014-02-02 12KB