Django: Routing user creation through custom RemoteUserBackend

Question

I am creating a Django project which requires HTTP basic authentication over SSL. Users are authenticated against my company's LDAP server. This is working using the method described at https://docs.djangoproject.com/en/1.3/howto/auth-remote-user/.

I have created a subclass of django.contrib.auth.backends.RemoteUserBackend which defines a configure_user() method which populates various user fields based on information pulled from LDAP. This works just fine when the user logs in using HTTP basic auth.

My project also requires users of the app to be able to enter usernames into a form. When the form is submitted, I would like to do the equivalent of User.objects.get_or_create(username=username) and have my custom RemoteUserBackend.configure_user() populate all of the missing fields from LDAP. This does not work as desired, and instead either gets an existing user (good) or creates a user with only the username field set (bad).

How can I get the desired behavior? I'd prefer to not have to rip out and replace Django's authentication model with a custom model, but it can be done if necessary. Target Django version is 1.3, but that can be changed.

Answer 1

I found a solution to the problem, but it requires relaxing the requirements to use session authentication instead of HTTP basic authentication.

By using django-auth-ldap I was able to authenticate against my company's LDAP server via Django's normal session authentication as well as create a user populated from LDAP.

django.contrib.auth.backends.RemoteUserBackend seems to conflict with django-auth-ldap, and users which log in using basic auth don't get their fields populated from django-auth-ldap. We may be able to change the original requirements to make this work.