Authentication to FAS

The Fedora Account System has a JSON interface that we make use of to authenticate users in our web apps. Currently, there are two modes of operation. Some web apps have single sign-on capability with Fedora Account System. These are the TurboGears applications that use the jsonfasprovider. Other apps do not have single sign-on but they do connect to Fedora Account System to verify the username and password so changing the password in Fedora Account System changes it everywhere.

TurboGears Identity Provider 2

An identity provider with CSRF protection.

This will install as a TurboGears identity plugin. To use it, set the following in your APPNAME/config/app.cfg file:

identity.provider='jsonfas2'
visit.manager='jsonfas2'

See also

CSRF Protection

Turbogears Identity Provider 1

These methods are deprecated because they do not provide the CSRF protection of TurboGears Identity Provider 2. Please use that identity provider instead.

Table Of Contents

Previous topic

CSRF Middleware

Next topic

Fedora Django Authentication Backend

This Page