Single sign on (SSO) with Atlassian Crowd 2.0 for Ruby on Rails.
See also: stefanwille.com/2010/07/rails-plugin-for-single-sign-on-with-atlassian-crowd/
sudo gem install crowd_rails
-
gem crowd-stefanwille
-
soap4r v1.5.8
-
Atlassian Crowd v2.0
-
Ruby v1.8.6 (or later)
-
Rails 2.3.8 (or later)
Add a file config/initializers/crowd_setup.rb and configure:
require 'crowd' Crowd.crowd_url = 'http://127.0.0.1:8095/crowd/services/SecurityServer' Crowd.crowd_app_name = 'soaptest' Crowd.crowd_app_pword = 'soaptest' Crowd.crowd_validation_factors_need_user_agent = false # false for Crowd 2.0.5, true for Crowd 2.0.2 Crowd.crowd_session_validationinterval = 0 # Set > 0 for authentication caching.
Then add this to your ApplicationController class:
class ApplicationController < ActionController::Base
include Crowd::SingleSignOn
...
before_filter :authenticate
private
def authenticate
return if RAILS_ENV == "test"
return if crowd_authenticated?
authenticate_or_request_with_http_basic('My Application') do |user_name, password|
crowd_authenticate(user_name, password)
end
end
end
This will give you the usual gray password box (aka ‘basic auth’). Replace Rails’ the call to authenticate_or_request_with_http_basic() that asks the user for username and password if you want some fancier.
There is an example Rails app at github.com/stefanwille/crowd_rails_test that implements this approach.
See the rdoc at rdoc.info/github/stefanwille/crowd_rails/master/frames.
Assumptions (used above):
-
Crowd Server is on localhost, port 8095
-
There is an application configured in Crowd with name and password ‘soaptest’
-
Application ‘soaptest’ directory set to ‘True’
-
Interoperable single sign on with Atlassian Crowd 2.0.2 and 2.0.5.
-
Can be configured for authentication caching.
Available methods in module Crowd::SingleSignOn:
-
crowd_authenticated? - Returns whether the user is already authenticated.
-
crowd_authenticate(user_name, password) - Authenticates the user with the given user name and password and marks the user as authenticated on success.
-
crowd_authenticate!(user_name, password) - Same as #crowd_authenticate, but raises an AuthenticationException on failure.
-
crowd_current_user_display_name - Returns the current users display name.
-
crowd_current_user - Returns the current user, as seen by crowd.
-
crowd_token - Returns the crowd token or nil.
-
crowd_log_out - Logs the user out
-
Fork the project.
-
Make your feature addition or bug fix.
-
Add tests for it. This is important so I don’t break it in a future version unintentionally.
-
Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
-
Send me a pull request. Bonus points for topic branches.
Copyright © 2010 Stefan Wille. See LICENSE for details.