Skip to content

commmunity/cas_client

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits
lib
lib
 
 
spec
spec
 
 
LICENSE
LICENSE
 
 
README.mdown
README.mdown
 
 
Rakefile
Rakefile
 
 
init.rb
init.rb
 
 
install.rb
install.rb
 
 
uninstall.rb
uninstall.rb
 
 

Repository files navigation

CasClient

Provides authentication to a cas_server. Cas authentication works as a filter on each HTTP request. If ticket parameter is provided, CAS request must be created and validated.

If you use cas_server and CasClient on same app, it will not create an HTTP request and directly proxy the request through Rack.

Checking CAS request

Here is some example code that you must add into your service provider ApplicationController for checking` cas request. You have to implement some simple local authentication if you don't want to query CasServer at every request (= Cas in Gateway mode). Usually you need local User table to store application business logic that is not supposed to be sharable between apps.

class ApplicationController < ActionController::Base

    before_filter :check_cas_request
    helper_method :login_url
    
    def login_url(params = {})
      cas_request.login_url(params).to_s
    end

    private
    
    def authenticate!(profile)
      # find or create from response profile and sets the user's id into
      # session.
    end
    
    def check_cas_request
      return unless CasClient::Request.validable?(params)
      self.current_user = nil
      response = cas_request.validate
      if response.is_a?(CasClient::Response::Success)
        authenticate!(response.profile)
        redirect_to(cas_request.service_url.to_s) # we redirect for removing ticket parameter
      else
        redirect_to(login_url(:renew => true))
      end
    end

    def cas_request
      @cas_request ||= CasClient::Request.new(cas_service_url, params, cas_service_provider)
    end
    
    # The service provider is an instance for cas_server URL mapping.
    def cas_service_provider
      @cas_service_provider ||= CasClient::ServiceProvider::Base.new('http://my_cas_server.example.com/')
    end
    
    def cas_service_url
      request.get? && !request.xhr? ? request.url : root_url
    end

end

Configuration

SSL

If you want to use SSL, add following line to your production.rb:

CasClient::ServiceProvider::Base.ssl = true

Static URLs

If you need to use static URLs for some services (for example if your have firewall issues), you can specify it into your production.rb:

CasClient::ServiceProvider::Base.use_static_url_for(:validate, 'http://localhost:3042')

Here we use a static URL for :validate action. Note that you can't yet change URL path. Here is all actions to cas_server that you can configure:

  • :edit_profile (/identities/:id/edit) : URL for editing user's profile (not in cas API reference).
  • :login (/cas/login) : Signin URL.
  • :logout (/cas/logout) : Logout URL.
  • :signup (/identities/new) : Signup URL (not in cas API reference).
  • :validate (/cas/serviceValidate) : URL for validating ticket (internal request).

Then you have access from a CasClient::Request instance to this methods: edit_profile_url, login_url, logout_url, signup_url.

All methods above can take extra parameters. Example:

cas_request.login_url(:auth => 'facebook')
=> http://example.com/cas/login?auth=facebook

Copyright (c) 2009 Alexis Toulotte, Dimelo Licenced under MIT

About

Lightweight Cas Client to be used with http://github.com/community/cas_server

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages