#1 2006-01-13 18:05:08

From: Berlin
Registered: 2006-01-13
Posts: 2

NTLM Support (Windows Authentication)

We use MoinMoin as Wiki-Engine for the system documentation in our company. In the Moment we use the authentication with cookies. But it will be better, if we can use windows authentication (NTLM). Does MoinMoin supports this authentication or exist a way to realize this request ?



#2 2007-03-25 04:19:12

Registered: 2007-03-25
Posts: 1

Re: NTLM Support (Windows Authentication)

This is how we do it. Add this to your


from MoinMoin.multiconfig import DefaultConfig
from MoinMoin import config, user

def vrc_http(request, **kw):
    """ authenticate via http basic/digest/ntlm auth """
    from MoinMoin.request import RequestTwisted, RequestCLI
    user_obj = kw.get('user_obj')
    u = None
    # check if we are running Twisted
    if isinstance(request, RequestTwisted):
        username = request.twistd.getUser().decode(config.charset)
        password = request.twistd.getPassword().decode(config.charset)
        # when using Twisted http auth, we use username and password from
        # the moin user profile, so both can be changed by user.
        u = user.User(request, auth_username=username, password=password,
                      auth_method='http', auth_attribs=())

    elif not isinstance(request, RequestCLI):
        env = request.env
        auth_type = env.get('AUTH_TYPE','')
        if auth_type in ['Basic', 'Digest', 'NTLM', 'Negotiate',]:
            username = env.get('REMOTE_USER', '').decode(config.charset)
            if auth_type in ('NTLM', 'Negotiate'):
                # converting to standard case so the user can even enter wrong case
                # (added since windows does not distinguish between e.g.
                #  "Mike" and "mike")
                username = username.split('\\')[-1] # split off domain e.g.
                                                    # from DOMAIN\user
                #if this username is in Firstname.Lastname format, then we split
                # it and .title both items and glue them together
                username_parts = username.split('.')
                if len(username_parts) >= 2:
                    username = reduce(lambda x, y: x.title() + y.title(), username_parts)
                    # this "normalizes" the login name from {meier, Meier, MEIER} to Meier
                    # put a comment sign in front of next line if you don't want that:
                    username = username.title()
            # when using http auth, we have external user name and password,
            # we don't use the moin user profile for those attributes.
            u = user.User(request, auth_username=username,
                          auth_method='http', auth_attribs=('name', 'password'))

    if u:
    if u and u.valid:
        return u, True # True to get other methods called, too
        return user_obj, True

Then later in in your Config class, do this: auth = [vrc_http]

My email is !(no spam) andreizilla at no spam



You are not logged in.

Board footer

Powered by PunBB
© Copyright 2002–2008 PunBB