nitmir / django-cas-server

A Django Central Authentication Service server implementing the CAS Protocol 3.0 Specification
GNU General Public License v3.0

Application's user sessions are independent from CAS Server sessions? #70

Closed sumpfralle closed 3 years ago

sumpfralle commented 3 years ago

I have an existing Django application (grouprise), which I would like to extend with an authentication provider, in order to let our users work with an external application (in this case: an element/matrix instance).

Thus I added cas_server to INSTALLED_APPS in my existing Django application. I was happy to get to a working login via /cas/login quickly. Now it is possible to use the external application based on the account storage of my existing application.

But I was surprised (surely due to my lack of understanding) that the session of my existing Django application is not connected to the session of the CAS Server application:

I assume that this result is quite obvious for you, dear reader. But I am a bit at a loss what to do now.

I could imagine that I could solve this by adding a CAS client application to the setup, in order to redirect the authentication of the existing application towards the CAS server.

Or maybe CAS server is just not meant to be combined with other applications? Or maybe I misunderstand something trivial?

Thank you for your time!

(sorry for using this issue tracker for a support request - I am not aware of other communication channels for CAS Server)

nitmir commented 3 years ago

Hi

You're indeed right, django-cas-server does not cohabit well with other apps using Django sessions. It does not use the Django auth framework at all and will completely erase the user session upon login/logout, messing up the auth framework if used. Django-cas-server can use a lot of different auth backends (I think most people use the ldap backend), most of them not matching exactly the Django user models. This is why the auth framework is not used.

The classic setup will be to use django-cas-server on a different django project than your main project with its own domain like https://cas.example.org. And then, on your main project, to use a CAS client like https://github.com/django-cas-ng/django-cas-ng.

I think (but I'm not sure) it is enough to have a different cookie domain for django-cas-server and the rest of your project + a CAS client. Users will have different cookies and different sessions depending on from which URL they access the service. With this, you could manage to keep a single project with 2 different (sub)domains.

Note it is possible to have 2 different Django projects use the same database as long as the Django version is in sync between the 2 projects. This would allow you to share the Django users between 2 different Django projects.

(no problem for using the issue tracker for support requests, there are indeed no other communication channels)
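
The two-project layout described in the comment above, as an added example that is not part of the issue thread nor of django-cas-server itself: two Django settings fragments (one for a dedicated CAS server project, one for the main project with a CAS client) and a small check that the two session cookies can never reach each other's host under the same name, which is the condition under which one session middleware overwrites the other's session. The hostnames, cookie names and the extra settings values are assumptions; the django-cas-ng keys follow that project's README.

```python
# Added example, not code from django-cas-server or from the issue.
# Hostnames and cookie names below are assumptions chosen for illustration.

# Assumed hostname of the dedicated django-cas-server project.
CAS_HOST = "cas.example.org"
# Settings fragment for that project (only the session-relevant keys).
CAS_SERVER_SETTINGS = {
    "INSTALLED_APPS": ["cas_server"],
    "SESSION_COOKIE_NAME": "cas_sessionid",   # distinct from the main project's cookie
    "SESSION_COOKIE_DOMAIN": None,            # host-only: never sent to other hosts
    "SESSION_COOKIE_SECURE": True,
    "SESSION_COOKIE_HTTPONLY": True,
    "SESSION_COOKIE_SAMESITE": "Lax",
}

# Assumed hostname of the main project, which authenticates through a CAS client.
MAIN_HOST = "www.example.org"
# Settings fragment for the main project using django-cas-ng as the client.
MAIN_PROJECT_SETTINGS = {
    "INSTALLED_APPS": ["django_cas_ng"],
    "AUTHENTICATION_BACKENDS": [
        "django.contrib.auth.backends.ModelBackend",
        "django_cas_ng.backends.CASBackend",
    ],
    "MIDDLEWARE_EXTRA": ["django_cas_ng.middleware.CASMiddleware"],  # appended to MIDDLEWARE
    "CAS_SERVER_URL": "https://cas.example.org/cas/",
    "CAS_VERSION": "3",
    "SESSION_COOKIE_NAME": "sessionid",
    "SESSION_COOKIE_DOMAIN": None,
    "SESSION_COOKIE_SECURE": True,
    "SESSION_COOKIE_HTTPONLY": True,
    "SESSION_COOKIE_SAMESITE": "Lax",
}

# The situation from the issue: cas_server inside the main project, so both
# share one host and one session cookie (constructed for comparison).
SINGLE_PROJECT_SETTINGS = {
    "SESSION_COOKIE_NAME": "sessionid",
    "SESSION_COOKIE_DOMAIN": None,
}


def cookie_reaches(set_on_host, cookie_domain, request_host):
    """RFC 6265 domain matching: a cookie without a Domain attribute is
    host-only and returns only to the host that set it; a Domain attribute
    also covers every subdomain of that domain."""
    if cookie_domain is None:
        return request_host == set_on_host
    domain = cookie_domain.lstrip(".")
    return request_host == domain or request_host.endswith("." + domain)


def sessions_isolated(host_a, settings_a, host_b, settings_b):
    """True when the browser can never present app A's session cookie to app B
    (or B's to A) under the same cookie name. Django's session middleware only
    looks at SESSION_COOKIE_NAME, so a shared name within a shared cookie scope
    means the last login/logout wins and the other app's session is lost."""
    same_name = settings_a["SESSION_COOKIE_NAME"] == settings_b["SESSION_COOKIE_NAME"]
    a_reaches_b = cookie_reaches(host_a, settings_a["SESSION_COOKIE_DOMAIN"], host_b)
    b_reaches_a = cookie_reaches(host_b, settings_b["SESSION_COOKIE_DOMAIN"], host_a)
    return not (same_name and (a_reaches_b or b_reaches_a))


def check_layouts():
    """Compare the issue's single-project layout with the two-project layout."""
    return {
        "single_project": sessions_isolated(
            MAIN_HOST, SINGLE_PROJECT_SETTINGS, MAIN_HOST, SINGLE_PROJECT_SETTINGS
        ),
        "two_projects": sessions_isolated(
            CAS_HOST, CAS_SERVER_SETTINGS, MAIN_HOST, MAIN_PROJECT_SETTINGS
        ),
    }


if __name__ == "__main__":
    for layout, isolated in check_layouts().items():
        print(f"{layout}: sessions isolated = {isolated}")
```

The check deliberately treats a cookie name clash as a problem even when only one direction of the domain match holds, because a parent-domain cookie (for example `SESSION_COOKIE_DOMAIN = "example.org"` on the CAS host) would be sent to every subdomain and would shadow the host-only cookie of the main project. Keeping both cookies host-only with different names is the simplest configuration that passes, and it also means a logout on the CAS host cannot wipe the main project's session.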

sumpfralle commented 3 years ago

Thank you a lot for your quick response and your comprehensive description of the available options. This will help me to decide how to move on. Thanks!