Lightweight Cas Client to be used with http://github.com/community/cas_server
Ruby
Switch branches/tags
Nothing to show
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
lib
spec
LICENSE
README.mdown
Rakefile
init.rb
install.rb
uninstall.rb

README.mdown

CasClient

Provides authentication to a cas_server. Cas authentication works as a filter on each HTTP request. If ticket parameter is provided, CAS request must be created and validated.

If you use cas_server and CasClient on same app, it will not create an HTTP request and directly proxy the request through Rack.

Checking CAS request

Here is some example code that you must add into your service provider ApplicationController for checking` cas request. You have to implement some simple local authentication if you don't want to query CasServer at every request (= Cas in Gateway mode). Usually you need local User table to store application business logic that is not supposed to be sharable between apps.

class ApplicationController < ActionController::Base

    before_filter :check_cas_request
    helper_method :login_url
    
    def login_url(params = {})
      cas_request.login_url(params).to_s
    end

    private
    
    def authenticate!(profile)
      # find or create from response profile and sets the user's id into
      # session.
    end
    
    def check_cas_request
      return unless CasClient::Request.validable?(params)
      self.current_user = nil
      response = cas_request.validate
      if response.is_a?(CasClient::Response::Success)
        authenticate!(response.profile)
        redirect_to(cas_request.service_url.to_s) # we redirect for removing ticket parameter
      else
        redirect_to(login_url(:renew => true))
      end
    end

    def cas_request
      @cas_request ||= CasClient::Request.new(cas_service_url, params, cas_service_provider)
    end
    
    # The service provider is an instance for cas_server URL mapping.
    def cas_service_provider
      @cas_service_provider ||= CasClient::ServiceProvider::Base.new('http://my_cas_server.example.com/')
    end
    
    def cas_service_url
      request.get? && !request.xhr? ? request.url : root_url
    end

end

Configuration

SSL

If you want to use SSL, add following line to your production.rb:

CasClient::ServiceProvider::Base.ssl = true

Static URLs

If you need to use static URLs for some services (for example if your have firewall issues), you can specify it into your production.rb:

CasClient::ServiceProvider::Base.use_static_url_for(:validate, 'http://localhost:3042')

Here we use a static URL for :validate action. Note that you can't yet change URL path. Here is all actions to cas_server that you can configure:

  • :edit_profile (/identities/:id/edit) : URL for editing user's profile (not in cas API reference).
  • :login (/cas/login) : Signin URL.
  • :logout (/cas/logout) : Logout URL.
  • :signup (/identities/new) : Signup URL (not in cas API reference).
  • :validate (/cas/serviceValidate) : URL for validating ticket (internal request).

Then you have access from a CasClient::Request instance to this methods: edit_profile_url, login_url, logout_url, signup_url.

All methods above can take extra parameters. Example:

cas_request.login_url(:auth => 'facebook')
=> http://example.com/cas/login?auth=facebook

Copyright (c) 2009 Alexis Toulotte, Dimelo Licenced under MIT