Every repository with this icon (
) is private.
Every repository with this icon (
) is public.
| Description: | Provides a single sign-on solution for web applications, implementing the server-end of JA-SIG's CAS protocol. edit |
-
1 vote
2 comments Created 4 months ago by zukInstantiate authenticators at time of authentication rather than at server bootupbugx -
With multiple simultenous users logging in, the database pool size is getting exhausted. For a example a test using the default pool size settings with 3 concurrent users easily ends with:
ActiveRecord::ConnectionTimeoutError: could not obtain a database connection within 5 seconds. The max pool size is currently 5; consider increasing it.
/usr/lib/ruby/gems/1.8/gems/activerecord-2.3.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:198:in `checkout' /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:184:in `loop' /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:184:in `checkout' ... /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.3/lib/active_record/base.rb:613:in `find' /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.3/lib/active_record/base.rb:1900:in `find_by_ticket' /home/URBACON/mzukowski/eclipse-workspace/rubycas-server/lib/casserver/cas.rb:166:in `validate_service_ticket'Most likely this is an issue with Camping or Picnic, but there may be something going wrong in the RubyCAS-Server codebase.
Comments
-
0 votes
2 comments Created 7 months ago by gunarkbugxrubycas-server-ctl does not shut down the server properlyrubycas-server-ctlxJust a heads up... it looks like running
rubycas-server-ctl stopdoesn't shut down the server as expected. I don't have time to look into this right now, so some help would be appreciated. The problem likely lies in Picnic rather than in RubyCAS-Server.Comments
I have encountered this issue several times, and
don't have time to look into it either. However,
I am thinking of just migrate our rubycas-server server
to passenger, with my custom server control script, i.e.
http://github.com/godfat/app-deploy
There's rack cluster control script too.I am not sure if this information would help,
but this is my consideration in our website service. :)RubyCAS already runs on Passenger. See: http://code.google.com/p/rubycas-server/wiki/DeployingUnderPhusionPassenger
-
Here's my patch:
http://github.com/godfat/rubycas-server/commit/f4e0baf22924994b24d402ece2f8847277546eaf
I hope this could be considered. :)
Thanks!Comments
I'm holding off on integrating this because I think we will need a more robust strategy for using alternative templating systems. I don't have the time to look into this right now, and in any case it will probably wait until the 0.9.0 release. But don't worry, I definitely plan on getting this into mainline sooner rather than later.
-
0 votes
0 comments Created 5 months ago by zukStrip parameters when determing whether two URLs refer to the same servicebugxSee http://groups.google.com/group/rubycas-server/browse_thread/thread/707d81a7fe002024?hl=en
Ex:
http://example.com?foo=1
and
http://example.com?foo=2
both refer to the same service, yet ServiceTicket.matches_service? would incorreclty identify them as different services.Need to modify ServiceTicket.matches_service? (lib/casserver/models.rb:65) so that URL parameters are stripped off both URLs being compared.
Comments
-
0 votes
1 comment Created 3 months ago by zukAllow different themes to be used depending on request valuesfeaturex -
Currently there's only one session lifetime, i.e.
#maximum_session_lifetime: 172800in the config file, and cookies['tgt']'s "expires"
is set according to this value, and there's no
expired time saved in database.This make doing "Remember me on this computer" hard,
since we need to track at least two different session lifetime.
The easy way is just adding another config option, e.g.#remember_me_session_lifetime: 864000and setup cookies['tgt']'s "expires" according to whether user
checked the checkbox of "Remember me on this computer".I would go to this approach due to my limited time,
working on my fork. Feel free to cherry-pick or apply
on your own with other editing and/or refactoring.On the other hand, I am thinking of the possibility of adding
expired_at in database, then we could omit this config,
simply adding more time to "expires", enforcing session
expires time at server side for more security, customizing
more expiration policy, etc, etc.Many thanks for your listening.
Comments
Here it is.
http://github.com/godfat/rubycas-server/commit/a7a3a538e171c75a45625a5ff2986e011cda31a8
Along with this, I added a gettext string:
Remeber me on this computer -
I've translated from English to Tradition Chinese,
which is spoken here in Taiwan.
http://github.com/godfat/rubycas-server/blob/master/po/zh_TW/rubycas-server.po
This is based on my master fork, so line numbers would be
a bit different, and there's an additional:
msgid "Remeber me on this computer"Comments
-
I don't know why but Firefox send HTTP header Accept-Language
withzh-twinstead ofzh-TW, anden-usinstead ofen-US.
I am not sure if this should be case-sensitive or case-insensitive.
FWIW, here's the patch to make it work.
http://github.com/godfat/rubycas-server/commit/eb3108a8b9ca2ce46959669411e44437bd028c5eComments
-
The google auth plugin MUST support captcha as logins fail if google (randomly) decides it needs one.
Comments
pho3nixf1re
Wed Oct 14 12:26:09 -0700 2009
| link
I'm currently working on a patch since we've deployed this and are having serious issues with it, will post when complete.
-
0 votes
SQLEncryptedAuthenticator doesn't have any code to handle extra_attributes
1 comment Created 2 months ago by jin-youngActually, SQLAuthenticator has the code in validate method. However, unfortunately, it has been missing in validate method in SQLEncryptedAuthenticator.
Comments
I also needed that, so here it is:
http://github.com/laurynasl/rubycas-server/commit/389a477ace7edf6421dd6cd4241f8eadc2ff2fed -
0 votes
NoMethodError thrown while logging in using Test Authenticator
1 comment Created about 1 month ago by browsermediaWorking from the head release at github, on Mac OS X, I did the following:
- Uninstalled all rubycas-server gems
- Run rubycas-server/bin/rubycas-server
- Set the config.yml file it generated to use the CASServer::Authenticators::Test
- Run rubycas-server again
- Attempt to login using username = test, password = testpassword
Expected: Login to work
Actual: Received the following exception -NoMethodError: undefined method `merge' for nil:NilClass /Users/myusername/projects/rubycas-server/lib/casserver/controllers.rb:136:in 'post' /Users/myusername/projects/rubycas-server/lib/casserver/controllers.rb:133:in 'each' /Users/myusername/projects/rubycas-server/lib/casserver/controllers.rb:133:in `post'Looking at the code it appears as though this may be related to the changes that make Authenciators configure on every request. The same config.yml file works fine with the last known gem (gunark-rubycas-server-0.8.0.20090812) which predates the Authentication changes I believe.
For reference, here is the entire config.yml file.
server: webrick port: 443 ssl_cert: /Users/myusername/projects/rubycas-server/demo.pem database: adapter: mysql database: casserver username: root password: host: localhost authenticator: class: CASServer::Authenticators::Test theme: simple organization: CAS infoline: default_locale: en log: file: /var/log/casserver.log level: INFOComments
- Uninstalled all rubycas-server gems
Fixed in http://github.com/gunark/rubycas-server/commit/653be6d08421c8d7e87f027a1d4a3bca473831e5
Not fixed. We now have issues with maintaining database connections for authenticators. Kind of a mess... Probably need to keep a pool of connections open outside of the authenticator instances, but not sure right now how to best implement this.