[Solved]-Django authenticate using logged in windows domain user


When the Web server (here django hosted on IIS) takes care of authentication it typically sets the REMOTE_USER environment variable for use in the underlying application. In Django, REMOTE_USER is made available in the request.META attribute. Django can be configured to make use of the REMOTE_USER value using the RemoteUserMiddleware and RemoteUserBackend classes found in django.contrib.auth.
You must add the django.contrib.auth.middleware.RemoteUserMiddleware to the MIDDLEWARE_CLASSES setting after the django.contrib.auth.middleware.AuthenticationMiddleware:


Next, you must replace the ModelBackend with RemoteUserBackend in the AUTHENTICATION_BACKENDS setting:


With this setup, RemoteUserMiddleware will detect the username in request.META['REMOTE_USER'] and will authenticate and auto-login that user using the RemoteUserBackend.

(More info https://docs.djangoproject.com/en/1.5/howto/auth-remote-user/ )

To get REMOTE_USER in request do the following IIS settings:

1.In Control Panel, click Programs and Features, and then click Turn Windows features on or off.

2.Expand Internet Information Services, expand World Wide Web Services, expand Security, and then select Windows Authentication.

IIS Manager

  1. Open IIS Manager and navigate to the level you want to manage.
  2. In Features View, double-click Authentication.
  3. On the Authentication page, select Windows Authentication.
  4. In the Actions pane, click Enable to use Windows authentication.
    (More info)


Check out this module https://pypi.org/project/django-windowsauth/

You can use it module to deploy your Django Project on IIS and enable Windows Authentication.
It can also handle synchronize extra user information from Active Directory, and some other neat features.

Leave a comment