What would be the best solution to use a different authentication backend for the Django admin site?
+2
A:
See the documentation, which contains this quote:

"The Django admin system is tightly coupled to the Django User object described at the beginning of this document. For now, the best way to deal with this is to create a Django User object for each user that exists for your backend (e.g., in your LDAP directory, your external SQL database, etc.) You can either write a script to do this in advance, or your authenticate method can do it the first time a user logs in."
Dominic Rodger
2010-01-21 11:03:56
But what will happen if a "standard" user (one who comes from django.contrib.auth.models.User) has an 'is_staff' flag? Should he be able to log in to the admin interface? What I want is to avoid a privilege-escalation attack. I thought of removing the 'is_staff' and 'is_superuser' fields from the Django User table, but from what I read it seems that another authentication backend (like one that uses LDAP) will "create a Django User object for each user that exists for your backend". Still, I can't figure out how to avoid this while keeping frontend users *very* far from the admin site.
S.c.
2010-01-21 11:09:47
@S.c. - Whether a "standard" user has `is_staff` doesn't need to have anything to do with whether they can access anything other than the Django admin site. Use permissions (http://docs.djangoproject.com/en/dev/topics/auth/#id1) to determine who can access what. The only exception is `User` objects with `is_superuser`, who pass all permission checks.
Dominic Rodger
2010-01-21 11:28:02
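As an added example (not code from the thread or from Django itself), here is a backend in the shape the quoted docs describe that also addresses S.c.'s concern: it creates the Django User on first login, derives `is_staff` only from an explicit directory group, never grants `is_superuser`, and gives provisioned accounts no usable local password, so they cannot get into the admin through the default ModelBackend. `DirectoryBackend`, `directory_lookup`, `account_flags` and the sample directory are assumed names and constructed data; the `authenticate` signature is the current Django one.

```python
def directory_lookup(username, password):
    """Hypothetical stand-in for an LDAP/SQL client: returns the user's
    directory groups on success, None on failure. Sample data is constructed."""
    sample = {"alice": ("s3cret", ["staff", "site-admins"]),
              "bob": ("hunter2", ["customers"])}
    entry = sample.get(username)
    if entry is None or entry[0] != password:
        return None
    return entry[1]


def account_flags(groups, admin_group="site-admins"):
    """Map directory groups to Django admin flags. Admin access requires an
    explicit directory group, and is_superuser is never granted from the
    directory, so an external account cannot become a Django superuser here."""
    return {"is_staff": admin_group in groups, "is_superuser": False}


class DirectoryBackend:
    """Authentication backend (list its dotted path in AUTHENTICATION_BACKENDS).
    Django is imported lazily so the helpers above run without settings."""

    def authenticate(self, request, username=None, password=None):
        if not username or password is None:
            return None
        groups = directory_lookup(username, password)
        if groups is None:
            return None
        from django.contrib.auth import get_user_model
        User = get_user_model()
        user, created = User.objects.get_or_create(username=username)
        # Re-sync flags on every login so removing the group revokes admin.
        for field, value in account_flags(groups).items():
            setattr(user, field, value)
        if created:
            # No usable local password: ModelBackend will reject this account.
            user.set_unusable_password()
        user.save()
        return user

    def get_user(self, user_id):
        from django.contrib.auth import get_user_model
        User = get_user_model()
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None
```

Local accounts authenticated by ModelBackend are untouched by this backend, so their `is_staff` stays whatever an administrator set; the permission checks Dominic mentions still apply on top.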