烧瓶/ Python解码用户名NTLM或协商身份验证头 [英] Flask/Python decoding username NTLM or Negotiate Authentication Header
问题描述
我在我们的Intranet的IIS中托管了我的Flask应用程序。在Flask中,我能够得到www-authenticate头,但是我需要确定windows用户名。我没有启用基本身份验证,并能够通过该方法解析出用户名,但我希望这是透明的用户。在IE浏览器我有选项设置为自动登录到Intranet网站,所以他们不会提示输入用户名和密码。
我能够得到一个字符串,可以以NTLM或Negotiate开头(取决于IIS中的设置)和长验证字符串。什么是可靠的方式,我可以解码这个在Python /烧瓶?
明白了。
class RemoteUserMiddleware(object):
def __init __(self,app):
self.app = app
def __call __(self,environ,start_response):
user = environ.pop('HTTP_X_PROXY_REMOTE_USER',None)
environ ['REMOTE_USER'] = user
返回self.app(environ,start_response)
app.wsgi_app = RemoteUserMiddleware(app.wsgi_app)
然后在视图中这样做:
$ $ p $ username $ str(request.environ.get(' LOGON_USER'))
I have my Flask app hosted in IIS in our intranet. In Flask, I'm able to get the www-authenticate header, but I need to determine the windows username. I did have Basic Authentication enabled and was able to parse out the username via that method, but I want this to be transparent to the user. In IE I have the option set to auto login to intranet sites so they're not prompted for a username and password.
I am able to get a string that can either begin with NTLM or Negotiate (depending on the setting in IIS) and a long auth string. What is a reliable way I can decode this in python/Flask?
Got it.
class RemoteUserMiddleware(object):
def __init__(self, app):
self.app = app
def __call__(self, environ, start_response):
user = environ.pop('HTTP_X_PROXY_REMOTE_USER', None)
environ['REMOTE_USER'] = user
return self.app(environ, start_response)
app.wsgi_app = RemoteUserMiddleware(app.wsgi_app)
Then in the view by doing this:
username = str(request.environ.get('LOGON_USER'))
这篇关于烧瓶/ Python解码用户名NTLM或协商身份验证头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!