之前的魔术词是kerberos身份验证。

The magic word herefore is kerberos authentication.

您的用户不针对django应用程序进行身份验证，而是针对django应用程序进行身份验证您的网络服务器。您的Intranet可能正在运行kerberos服务，该服务会为您验证用户身份，并且仅在REMOTE_USER中为您提供用户名（如果已通过验证）。

Your user does not authenticate against your django application but against your webserver. Your intranet probably has a kerberos service running, that authenticates your user for you and just gives you a user name in REMOTE_USER if he is authenticated.

然后您可以搜索LDAP

You can then search your LDAP for specific Access Rights or have an own database with special access rights.

这里是CentOS的一篇简短文章。您的环境看起来非常重要，因此我所能做的就是告诉您方向；-）

Here is a short article from CentOS. It is very important what your environment looks like, so all I cann do is show you the direction ;-)

http://wiki.centos.org/HowTos/HttpKerberosAuth