
Added README file

1 parent f258ea4 commit e34bfe31844917edcc3eb3abc9faa3181060e359 @ctria ctria committed May 17, 2011
Showing with 58 additions and 2 deletions.
  1. +47 −0 README.rdoc
  2. +11 −2 lib/authlogic_x509/session.rb
@@ -0,0 +1,47 @@
+= Authlogic x509 login
+
+Authlogic x509 is an extension of the Authlogic library to add x509 support.
+
+== Dependancies
+
+This plugin requires authlogic model based ruby authentication solution (https://github.com/binarylogic/authlogic). It also requires that the web server (i.e. Apache) will provide (controller.request.env) the x509 login information in the following variables:
+
+ SSL_CLIENT_S_DN (Subject DN)
+ SSL_CLIENT_I_DN (Issuer DN)
+
+OR
+
+ REDIRECT_SSL_CLIENT_S_DN (Subject DN)
+ REDIRECT_SSL_CLIENT_I_DN (Issuer DN)
+
+OR
+
+ HTTP_REDIRECT_SSL_CLIENT_S_DN (Subject DN)
+ HTTP_REDIRECT_SSL_CLIENT_I_DN (Issuer DN)
+
+
+== Install and use
+
+=== 1. Install the authlogic_x509 plugin
+
+ $ script/plugin install git://github.com/auth-scc/authlogic_x509.git
+
+=== 2. Create the login and mapping methods at your User class
+
+Add in your User class something like this:
+
+ class User < ActiveRecord::Base
+
+ ...
+ def self.find_by_x509_login(x509_subject_dn, x509_issuer_dn)
+ X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first && X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first.user
+ end
+
+ def self.map_x509_login(x509_subject_dn, x509_issuer_dn)
+ dn = X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first || X509Login.new(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn)
+ dn.owner = self
+ dn.save
+ end
+ ...
+
+ end
@@ -9,6 +9,13 @@ def self.included(klass)
end
module Config
+
+
+ def self.map_x509_login(x509_subject_dn, x509_issuer_dn)
+ dn = X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first || X509Login.new(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn)
+ dn.owner = self
+ dn.save
+ end
# Once X509 authentication has succeeded we need to find the user in the database. By default this just calls the
# find_by_x509_login method provided by the User class. If you have a more advanced set up and need to find users
# differently specify your own method and define your logic in there.
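Review bot: The `def self.map_x509_login` added directly under `module Config` looks like a stray paste of the README example: defined there, `self` is the Config module, so `dn.owner = self` would assign a module rather than a user, and the method now sits between `module Config` and the comment block that appears to document the finder setting. The lookup-or-build line also reuses an existing X509Login row for the subject/issuer pair and then overwrites its owner, so a certificate already mapped to one account is silently re-bound to the caller; a guard such as `return false if !dn.new_record? && dn.owner != self` before the assignment would prevent that. The commented example in the last hunk repeats the same body under `def self.`, where `self` is the User class rather than a record, so an instance method (`def map_x509_login(x509_subject_dn, x509_issuer_dn)`) appears to be what is meant. `module Config` continues outside the hunk.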
@@ -17,7 +24,7 @@ module Config
#
# class User < ActiveRecord::Base
# def self.find_by_x509_login(x509_subject_dn, x509_issuer_dn)
- # first(:conditions => ["#{X509Login.table_name}.x509_subject_dn = ? and #{X509Login.table_name}.x509_issuer_dn = ?", login], :join => :x509_logins)
+ # X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first && X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first.user
# end
# end
#
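Review bot: The new example line runs the identical `X509Login.where(...).first` query twice, once for the nil check and once to reach `.user`, which doubles the lookup on every login and can raise on nil if the row disappears between the two calls. Holding the record in a local, `login = X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first` followed by `login && login.user`, keeps it to one query. The example also reads the association as `user` while the `map_x509_login` example writes `owner`, so one of the two names is presumably wrong for any given schema. The comment block starts and ends outside the hunk.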
@@ -36,7 +43,9 @@ def find_by_x509_login_method(value = nil)
#
# class User < ActiveRecord::Base
# def self.map_x509_login(x509_subject_dn, x509_issuer_dn)
- # self.x509_logins.create(:user_id=>self.id, :subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn)
+ # dn = X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first || X509Login.new(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn)
+ # dn.owner = self
+ # dn.save
# end
# end
#
