Closed cordmata closed 9 years ago
cordmata
commented
9 years ago We have an app that our staff uses to manage media collections. The media it serves to the public gets authenticated by a configured player. The only people who need to login to the system are staff to access the admin. We'd like to use CAS so they don't have to remember a site-specific password just for this system and we don't need the cruft of all the curious folks who try to login.
yscumc
commented
9 years ago Cool! I also had the exact same requirements of restricting login to only existing staff users and solved it by sub-classing cas.backends.CASBackend and overriding authenticate(). Just want to chime in that it's probably a common use case to only allow a predetermined subset of the CAS users to login.
dstegelman
commented
9 years ago Thanks all. We just permissions to prevent people from being able to do anything upon login but I can certainly see the desire to not even want those users added to the DB.
Interesting.. I'm curious as to what your user case is that you would not want a user created locally when they login?