Adds x509 login capability to authlogic

Authlogic x509 login

Authlogic x509 is an extension of the Authlogic library to add x509 support.

Dependencies

This plugin requires Authlogic, the model-based Ruby authentication solution (github.com/binarylogic/authlogic). It also requires that the web server (e.g. Apache) pass the x509 login information to the application (it is read from controller.request.env) in the following variables:

SSL_CLIENT_S_DN (Subject DN)
SSL_CLIENT_I_DN (Issuer DN)

OR

REDIRECT_SSL_CLIENT_S_DN (Subject DN)
REDIRECT_SSL_CLIENT_I_DN (Issuer DN)

OR

HTTP_REDIRECT_SSL_CLIENT_S_DN (Subject DN)
HTTP_REDIRECT_SSL_CLIENT_I_DN (Issuer DN)
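
The three variable forms above do not carry the same trust: the first two are set by the web server itself, while any HTTP_-prefixed variable is derived from a request header. The following is an added example, not code from authlogic_x509, showing one way an application could pick the DN pair with that distinction in mind. The names X509Env, resolve and trust_headers are hypothetical, and checking SSL_CLIENT_VERIFY assumes the server exports that mod_ssl variable next to the DNs.

```ruby
# Added example, not authlogic_x509 code. X509Env, resolve and trust_headers
# are hypothetical names.
module X509Env
  class Untrusted < StandardError; end

  # Prefixes listed in the README. Rack/CGI builds every HTTP_* variable from
  # a request header, so the HTTP_REDIRECT_ form is only as trustworthy as
  # the proxy that overwrites that header on each request.
  SERVER_PREFIXES = ["", "REDIRECT_"].freeze
  HEADER_PREFIXES = ["HTTP_REDIRECT_"].freeze

  # Returns [subject_dn, issuer_dn], or nil when no usable certificate
  # information is present. Raises Untrusted on a half-filled pair or a
  # failed verification.
  def self.resolve(env, trust_headers: false)
    prefixes = SERVER_PREFIXES + (trust_headers ? HEADER_PREFIXES : [])
    prefixes.each do |prefix|
      subject = env["#{prefix}SSL_CLIENT_S_DN"].to_s.strip
      issuer  = env["#{prefix}SSL_CLIENT_I_DN"].to_s.strip
      next if subject.empty? && issuer.empty?
      if subject.empty? || issuer.empty?
        raise Untrusted, "incomplete DN pair (prefix #{prefix.inspect})"
      end
      # Assumption: mod_ssl's SSL_CLIENT_VERIFY is exported alongside the DNs;
      # it is only checked when present.
      verify = env["#{prefix}SSL_CLIENT_VERIFY"]
      raise Untrusted, "client certificate not verified: #{verify}" if verify && verify != "SUCCESS"
      return [subject, issuer]
    end
    nil
  end
end

# Constructed sample environments (not captured from a real server).
DIRECT_ENV = {
  "SSL_CLIENT_S_DN" => "CN=alice,O=Example",
  "SSL_CLIENT_I_DN" => "CN=Example CA",
  "SSL_CLIENT_VERIFY" => "SUCCESS"
}.freeze
HEADER_ONLY_ENV = {
  "HTTP_REDIRECT_SSL_CLIENT_S_DN" => "CN=bob,O=Example",
  "HTTP_REDIRECT_SSL_CLIENT_I_DN" => "CN=Example CA"
}.freeze

p X509Env.resolve(DIRECT_ENV)                           # server-set pair
p X509Env.resolve(HEADER_ONLY_ENV)                      # header-only pair ignored
p X509Env.resolve(HEADER_ONLY_ENV, trust_headers: true) # accepted behind a trusted proxy
```

Enable trust_headers only when the front-end server unconditionally overwrites those headers on every request before forwarding it.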

Install and use

1. Install the authlogic_x509 plugin

$ script/plugin install git://github.com/auth-scc/authlogic_x509.git

2. Create the login and mapping methods in your User class

Add something like this to your User class:

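class User < ActiveRecord::Base

  # ...

  # Returns the user mapped to this subject/issuer DN pair, or nil if none.
  def self.find_by_x509_login(x509_subject_dn, x509_issuer_dn)
    login = X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first
    login && login.user
  end

  # Finds or builds the X509Login record for this DN pair and saves it.
  # Note: the association is called "user" above and "owner" here; use the
  # name your X509Login model defines. Inside a class method, self is the
  # User class rather than a user record.
  def self.map_x509_login(x509_subject_dn, x509_issuer_dn)
    dn = X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first || X509Login.new(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn)
    dn.owner = self
    dn.save
  end

  # ...

end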