Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Active Directory Authentication
Ruby
branch: master

This branch is 116 commits behind Arcath:master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
lib
spec
.gitignore
Gemfile
Gemfile.lock
Rakefile
Readme.rdoc
adauth.gemspec

Readme.rdoc

Adauth

Easy to use Active Directory Authentication for Rails.

Install

Add the Adauth gem to your Gemfile:

gem 'adauth'

and run a bundle install

Usage

Adauth requires a config file which can be created by running the command

rails g adauth:config

This creates a config file for example.com with all the values present along with helpful comments for getting Adauth up and running.

Thats enough to very basically run Adauth, and if you prefer complete control over how your authentication is handled you can use this method:

Adauth.authenticate(username, password)

Which has 2 possible return values nil if the users details are wrong or an instance of Adauth::User if the details are correct.

Adauth provides a lot of additional functionality which can be used to get your authentication up and running quickly. See the wiki for more information.

Developing

Obviously to test the AD functionality Adauth requires a working domain and a user to try logging in with. If you try running the tests without first creating the test_data.yml file then they will fail with this error:

Failure/Error: @yaml = YAML::load(File.open('spec/test_data.yml'))

You need to create a yaml file that looks like this:

domain:
  domain: example.com
  server: 127.0.0.1
  port: 389
  base: "dc=example, dc=com"
  pass_allowed_groups:
    - group
  fail_allowed_groups:
    - no_group
  pass_allowed_ous:
    - ou
  fail_allowed_ous:
    - no_ou

user:
  login: username
  password: password
  group: group
  ou: ou_user_is_in
  email: email_of_user_in_ad

The domain portion of this file is pretty self explanatory, they are the same as the code above for creating a domain connection. ALL options need to be set here.

The pass and fail allowed groups need to be an array with pass containing a group that the test user is a member of and fail containing a group that the test user isn't a member of. (The fail group doesn't have to exist)

The user is a user capable of logging into the domain, you can use your account here or any account on the domain. The group attribute needs to be set to a group that you are a member of so that the tests can make sure that the correct groups are picked up from AD.

Don't worry about this file making it into a pull request, it is in the .gitignore file so unless you remove it from there it wont be comitted.

If you make any additions/changes please add some tests for them.

Something went wrong with that request. Please try again.