Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Adds x509 login capability to authlogic

tree: e34bfe3184

Fetching latest commit…

Cannot retrieve the latest commit at this time

README.rdoc

Authlogic x509 login

Authlogic x509 is an extension of the Authlogic library to add x509 support.

Dependancies

This plugin requires authlogic model based ruby authentication solution (github.com/binarylogic/authlogic). It also requires that the web server (i.e. Apache) will provide (controller.request.env) the x509 login information in the following variables:

SSL_CLIENT_S_DN (Subject DN)
SSL_CLIENT_I_DN (Issuer DN)

OR

REDIRECT_SSL_CLIENT_S_DN (Subject DN)
REDIRECT_SSL_CLIENT_I_DN (Issuer DN)

OR

HTTP_REDIRECT_SSL_CLIENT_S_DN (Subject DN)
HTTP_REDIRECT_SSL_CLIENT_I_DN (Issuer DN)

Install and use

1. Install the authlogic_x509 plugin

$ script/plugin install git://github.com/auth-scc/authlogic_x509.git

2. Create the login and mapping methods at your User class

Add in your User class something like this:

class User < ActiveRecord::Base

  ...
  def self.find_by_x509_login(x509_subject_dn, x509_issuer_dn)
    X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first && X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first.user
  end

  def self.map_x509_login(x509_subject_dn, x509_issuer_dn)
    dn = X509Login.where(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn).first || X509Login.new(:subject_dn => x509_subject_dn, :issuer_dn => x509_issuer_dn)
    dn.owner = self
    dn.save
  end
  ...

end
Something went wrong with that request. Please try again.