X-Git-Url: https://git.mdrn.pl/django-cas-provider.git/blobdiff_plain/38bde55959257eaef6b76dc3f45424c7d0bd64e8..HEAD:/README.rst diff --git a/README.rst b/README.rst index e8a53f9..d7bed27 100644 --- a/README.rst +++ b/README.rst @@ -5,12 +5,8 @@ django-cas-provider OVERVIEW ========= -django-cas-provider is a provider for the `Central Authentication Service `_. It supports -CAS version 1.0 and CAS version 2.0 protocol. It allows remote services to authenticate users for the purposes -of Single Sign-On (SSO). For example, a user logs into a CAS server (provided by django-cas-provider) and can -then access other services (such as email, calendar, etc) without re-entering her password for each service. -For more details, see the `CAS wiki `_ and -`Single Sign-On on Wikipedia `_. +django-cas-provider is a provider for the `Central Authentication Service `_. It supports CAS version 1.0 and parts of CAS version 2.0 protocol. It allows remote services to authenticate users for the purposes of Single Sign-On (SSO). For example, a user logs into a CAS server +(provided by django-cas-provider) and can then access other services (such as email, calendar, etc) without re-entering her password for each service. For more details, see the `CAS wiki `_ and `Single Sign-On on Wikipedia `_. INSTALLATION ============= @@ -23,7 +19,6 @@ Or, put `cas_provider` somewhere on your Python path. If you want use CAS v.2 protocol or above, you must install `lxml` package to correct work. - USAGE ====== @@ -38,7 +33,7 @@ SETTINGS CAS_TICKET_EXPIRATION - minutes to tickets expiration. Default is 5 minutes. -CAS_CUSTOM_ATTRIBUTES_CALLBACK - name of callback to provide dictionary with +CAS_CUSTOM_ATTRIBUTES_CALLBACK - name of callback to provide dictionary with extended user attributes (may be used in CAS v.2 or above). Default is None. CAS_CUSTOM_ATTRIBUTES_FORMAT - name of custom attribute formatter callback will be @@ -72,18 +67,18 @@ It has not required arguments. Optional arguments: * template_name - login form template name (default is 'cas/login.html') -* success_redirect - redirect after successful login if service GET argument is not provided +* success_redirect - redirect after successful login if service GET argument is not provided (default is settings.LOGIN_REDIRECT_URL) * warn_template_name - warning page template name to allow login user to service if he already authenticated in SSO (default is 'cas/warn.html') -If request.GET has 'warn' argument and user has already authenticated in SSO it shows +If request.GET has 'warn' argument and user has already authenticated in SSO it shows warning message instead of generate Service Ticket and redirect. logout ----------- -This destroys a client's single sign-on CAS session. The ticket-granting cookie is destroyed, +This destroys a client's single sign-on CAS session. The ticket-granting cookie is destroyed, and subsequent requests to login view will not obtain service tickets until the user again presents primary credentials (and thereby establishes a new single sign-on session). @@ -96,25 +91,16 @@ Optional arguments: validate ------------- -It checks the validity of a Service ticket. It is part of the CAS 1.0 protocol and thus does +It checks the validity of a service ticket. It is part of the CAS 1.0 protocol and thus does not handle proxy authentication. -It has not arguments. - -service_validate -------------------------- - -It checks the validity of a Service Ticket and returns an XML-fragment response via CAS 2.0 protocol. It has not arguments. -proxy_validate +service_validate ------------------------- -It checks the validity of a Proxy Ticket and returns an XML-fragment response via CAS 2.0 protocol. - -proxy -------------------------- -Creates a proxy ticket for a given Proxy Granting Ticket. +It checks the validity of a service ticket and returns an XML-fragment response via CAS 2.0 protocol. +Work with proxy is not supported yet. It has not arguments.