config/cas.yml.example vendor/plugins/rubycas-client/CHANGELOG.txt vendor/plugins/rubycas-client/History.txt vendor/plugins/rubycas-client/LICENSE.txt vendor/plugins/rubycas-client/Manifest.txt vendor/plugins/rubycas-client/README.txt vendor/plugins/rubycas-client/Rakefile vendor/plugins/rubycas-client/init.rb vendor/plugins/rubycas-client/lib/casclient.rb vendor/plugins/rubycas-client/lib/casclient/client.rb vendor/plugins/rubycas-client/lib/casclient/frameworks/rails/cas_proxy_callback_controller.rb vendor/plugins/rubycas-client/lib/casclient/frameworks/rails/filter.rb vendor/plugins/rubycas-client/lib/casclient/responses.rb vendor/plugins/rubycas-client/lib/casclient/tickets.rb vendor/plugins/rubycas-client/lib/casclient/version.rb vendor/plugins/rubycas-client/lib/rubycas-client.rb vendor/plugins/rubycas-client/setup.rb @@ -3,6 +3,7 @@ class ApplicationController < ActionController::Base include ExceptionNotifiable include AuthenticatedSystem + before_filter CASClient::Frameworks::Rails::Filter if WebistranoConfig[:authentication_method] == :cas before_filter :login_from_cookie, :login_required around_filter :set_timezone app/controllers/application.rb @@ -26,8 +26,12 @@ class SessionsController < ApplicationController self.current_user.forget_me if logged_in? cookies.delete :auth_token reset_session - flash[:notice] = "You have been logged out." - redirect_back_or_default( home_path ) + if WebistranoConfig[:authentication_method] != :cas + flash[:notice] = "You have been logged out." + redirect_back_or_default( home_path ) + else + redirect_to "#{CASClient::Frameworks::Rails::Filter.config[:logout_url]}?serviceUrl=#{home_url}" + end end def version app/controllers/sessions_controller.rb @@ -1,6 +1,9 @@ class StylesheetsController < ApplicationController skip_before_filter :login_required + if WebistranoConfig[:authentication_method] == :cas + skip_before_filter CASClient::Frameworks::Rails::Filter + end session :off app/controllers/stylesheets_controller.rb @@ -99,7 +99,7 @@ class User < ActiveRecord::Base end def password_required? - crypted_password.blank? || !password.blank? + WebistranoConfig[:authentication_method] != :cas && (crypted_password.blank? || !password.blank?) end app/models/user.rb @@ -9,6 +9,7 @@ <%= text_field 'user', 'email', :style =>'width:330px;' %> </p> +<% unless WebistranoConfig[:authentication_method] == :cas -%> <p> <b>Password</b><br /> <%= password_field 'user', 'password', :style =>'width:330px;' %> @@ -18,6 +19,7 @@ <b>Password confirmation</b><br /> <%= password_field 'user', 'password_confirmation', :style =>'width:330px;' %> </p> +<% end -%> <p> <b>Timezone</b><br /> app/views/users/_form.html.erb @@ -34,6 +34,7 @@ Rails::Initializer.run do |config| # Force all environments to use the same logger level # (by default production uses :info, the others :debug) # config.log_level = :debug + # Your secret key for verifying cookie session data integrity. # If you change this key, all old sessions will become invalid! @@ -76,6 +77,11 @@ end # Include your application configuration below +if WebistranoConfig[:authentication_method] == :cas + cas_options = YAML::load_file(RAILS_ROOT+'/config/cas.yml') + CASClient::Frameworks::Rails::Filter.configure(cas_options[RAILS_ENV]) +end + WEBISTRANO_VERSION = '1.4' ActiveSupport::CoreExtensions::Time::Conversions::DATE_FORMATS.update(:log => '%Y-%m-%d %H:%M') config/environment.rb @@ -7,6 +7,9 @@ WebistranoConfig = { # secret password for session HMAC :session_secret => 'please choose a long random string, min. 30 characters', + + # Uncomment to use CAS authentication + # :authentication_method => :cas, # SMTP settings for outgoing email :smtp_delivery_method => :sendmail, @@ -26,5 +29,5 @@ WebistranoConfig = { # Sender and recipient for Webistrano exceptions :exception_recipients => "team@example.com", :exception_sender_address => "webistrano@example.com" - + } config/webistrano_config.rb.sample @@ -9,7 +9,7 @@ module AuthenticatedSystem # Accesses the current user from the session. Set it to :false if login fails # so that future calls do not hit the database. def current_user - @current_user ||= (login_from_session || login_from_basic_auth || login_from_cookie || :false) + @current_user ||= (login_from_cas || login_from_session || login_from_basic_auth || login_from_cookie || :false) end # Store the given user in the session. @@ -95,6 +95,11 @@ module AuthenticatedSystem base.send :helper_method, :current_user, :logged_in? end + # Called from #current_user. First attempt to login by the user id from cas. + def login_from_cas + self.current_user = User.find_by_login(session[:cas_user]) if session[:cas_user] + end + # Called from #current_user. First attempt to login by the user id stored in the session. def login_from_session self.current_user = User.find_by_id(session[:user]) if session[:user] lib/authenticated_system.rb 76b00ded89f7c92eed1883b412fa4c801a3b9df4 Tim Shadel github@timshadel.com http://github.com/timshadel/webistrano/commit/24a304afeabf5dcc9139e5bbb7396bdbf56b711c 24a304afeabf5dcc9139e5bbb7396bdbf56b711c 2008-10-09T10:06:27-07:00 2008-09-23T13:25:03-07:00 Add CAS authentication as an option. To use: * Login with an existing admin user (like the default admin/admin) * Create a new user with a login that matches their CAS login * Give that user a dummy password (it won't be checked) * Stop Webistrano * Uncomment the CAS setting (see config/webistrano_config.rb.sample) * Start Webistrano * When accessing Webistrano, you should be sent to the CAS page, or you should be automatically logged in if you've signed in already. Signed-off-by: Tim Shadel <github@timshadel.com> 9284ddf2d4f083f2128d89543e050e7d2da5b0c9 Tim Shadel github@timshadel.com