[Fixed]-How to build a secure Django single signon between different sites?


Some more ideas…


OAuth for non-enterprise app. Django projects: django-oauth and django-oauth-consumer. Article: oauth in Django


Security Assertion Markup Language (SAML) is more for enterprise apps because it gives the “enterprise” more control over their own users and which of those users can access the app. This protocol is (was?) mostly driven by Google and friends (e.g. salesforce.com).

Articles: SAML Single Sign-On (SSO) Service for Google Apps and Demystifying SAML.

Python projects: PySAML and blog post

Django integration: SAML with Django (not a complete solution… just a starting point. Uses PySAML)

Information Cards

IIRC Information Cards are the Microsoft universe equivalent to SAML. Python projects: Python Information Card Processing and Information Cards for Python.
Nothing for Django as far as I know.


There is also CAS (User Manual) which can be integrated with django-cas.

And two more SAML projects I had forgotten about: gheimdall2 and python-saml2


Never used it, but there is Django-sso.



There are other possibilities, but I wouldn’t sweat over them because OpenID is used by lots of people and is the largest one of its kind.

Leave a comment