Open edX 配置 CAS 登陆

转载自:[记录] Open edX 配置 CAS 登陆

Open edX 目前支持CAS、SSL Client Certificates、Shibboleth三种认证扩展以及多种社会化登录(博客先前有过介绍),
默认支持列表可以参照官方WIki

CAS干嘛用的,看官比我清楚,没我清楚的请立即谷歌,故下面直接操作:

1.环境:

ubuntu 12.04
edx-devstack

1 sudo su edxapp

2.更换django-cas

edX默认安装mitx的版本base.txt#L145略旧,我们需要换掉

1 pip unstall django-cas

请先确认您已经安装mercurial

1 sudo apt-get install mercurial

克隆cpcc的最新版本:

3.CAS Server要求:

你可以安装官方标准CAS 1.x 2.x 或者3.X理论上都支持,但必须保证CAS提供username 和 email信息,建议不要使用1.x,推荐3.x
3.x添加别的字段可以参考官方wiki配置
2.x默认只提供username,需要添加别的信息就要硬编码,然后django-cas也需要相应的修改
我们测试使用2.x,只是因为学校请的攻城狮在闭源的道路上越走越远,楼主挽救不了。。。苦恼啊

4.Django-cas修改:

编辑 django_cas/backends.py 修改方法_verify_cas2

1 def _verify_cas2(ticket, service):
2     """Verifies CAS 2.0+ XML-based authentication ticket.
3
4     Returns username on success and None on failure.
5     """
6
7     try:
8         from xml.etree import ElementTree
9     except ImportError:
10         from elementtree import ElementTree
11
12     params = {'ticket': ticket, 'service': service}
13     url = (urljoin(settings.CAS_SERVER_URL, 'proxyValidate') + '?' +
14            urlencode(params))
15     page = urlopen(url)
16     try:
17         response = page.read()
18         elements = {}
19         tree = ElementTree.fromstring(response)
20         if tree[0].tag.endswith('authenticationSuccess'):
21             for element in tree[0]:
22                     elements[element.tag.split("}").pop()] = element.text
23             return tree[0][0].text, elements
24         else:
25             return None, None

然后修改CASBackend(object)类中的authenticate方法:

1 def authenticate(self, ticket, service, request):
2     """Verifies CAS ticket and gets or creates User object"""
3
4     username, attributes = _verify(ticket, service)
5     if attributes:
6         request.session['attributes'] = attributes
7     if not username:
8         return None
9     try:
10         user = User.objects.get(username=username)
11     except User.DoesNotExist:
12         # user will have an "unusable" password
13         user = User.objects.create_user(username,attributes['email'],'')
14         user.save()
15     return user

然后安装:

1 python django_cas/setup.py install

5.配置Open edX:

编辑 edx-platform/lms/envs/devstack.py 加入:

1 FEATURES['AUTH_USE_CAS'] = True
2 CAS_SERVER_URL = "http://cas/login"
3 AUTHENTICATION_BACKENDS = (
4     'django.contrib.auth.backends.ModelBackend',
5     'django_cas.backends.CASBackend',
6 )
7 INSTALLED_APPS += ('django_cas',)
8 MIDDLEWARE_CLASSES += ('django_cas.middleware.CASMiddleware',)

6.测试:

1 cd edx-platform
2 paver update_assets
3 paver devstack lms
Posted in Uncategorized.

edustack

edustack webmaster

发表评论

电子邮件地址不会被公开。 必填项已用*标注

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据