Skip to content
A Rack library for authenticating users via Kerberos
Ruby
Find file
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
lib/rack/auth
test
CHANGES
MANIFEST
README
Rakefile
rack-auth-kerberos.gemspec

README

= Description
The rack-kerberos library is a Rack library that uses Kerberos to authenicate
users against your Kerberos server.

= Prerequisites
* rack 1.0.0 or later
* rkerberos 0.1.0 or later

= Usage
use "Rack::Auth::Kerberos", "user_field", "password_field", "YOUR.REALM_NAME"

= Default Fields
The default user field is "username".
The default password field is "password".
The default realm is whatever you've got set in your krb5.conf file.

= Details
This rack library only handles requests that contain a username and password
parameter. If both are not present, the request is forwarded normally.

If a username and password are detected, then they're authenicated against
your Kerberos server. If valid, then env['AUTH_USER'] is set to the username
and env['AUTH_FAIL'] is deleted. If invalid, then env['AUTH_USER'] is deleted
and env['AUTH_FAIL'] is set to an error message explaining what went wrong.

Note that if env['AUTH_USER'] or env['AUTH_FAIL'] are already set, then the
request is forwarded normally.

Some details are logged in env['AUTH_LOG'], primarily for debugging purposes,
if needed.

= TODO
Handle other types of authentication, e.g. HTTP basic auth with a username
and password are submitted, instead of only looking in request params.

= Authors
Daniel Berger
Charlie O'Keefe
Marty Haught
Something went wrong with that request. Please try again.