This repository has been archived by the owner on Jul 28, 2021. It is now read-only.

Can't login #1

Closed
gbonline opened this issue Mar 15, 2013 · 6 comments

@gbonline

Hi, I'm looking for a CAS solution and I tried this app.
I can run this with
bundle exec rails s
so I try it in the browser on the standard port 3000.
I've inserted some simple users in the users table
and when I write the username and password in the form fields
I can't login!
I've tried the rubycas-server app and all went well.
What can I do?
Giorgio

@luxflux
Member

luxflux commented Mar 15, 2013

To debug this, we need some more information. Please paste your configuration (cas.yml and database.yml) as well as how you created the database entries.

@gbonline
Author

Thanks for the answer. My *.yml files were copied from your examples and updated as follows:
I've manually created the "casinousers" database on MySQL, and used SQL statements to create the users table and SQL inserts for the values, the same as I've done for rubycas-server.

cas.yml:
production:
  frontend:
    sso_name: 'CASino'
    footer_text: 'Powered by <a href="http://rbcas.com/">CASino</a>'
  authenticators:

########################################
# LDAP
########################################
#    my_company_ldap:
#      authenticator: 'LDAP'
#      options:
#        host: 'localhost'
#        port: 636
#        base: 'ou=people,dc=example,dc=com'
#        username_attribute: 'uid'
#        encryption: 'simple_tls'
#        extra_attributes:
#          email: 'mail'
#          fullname: 'displayname'

########################################
# SQL (ActiveRecord authenticator)
########################################
    my_funny_sql_database:
      authenticator: "ActiveRecord"
      options:
        connection:
          adapter: "mysql2"
          host: "localhost"
          username: "root"
          password: "giorgio"
          database: "casinousers"
        table: "users"
        username_column: "username"
        password_column: "password"
        extra_attributes:
          email: "email"
          fullname: "fullname"

the database.yml:
production:
  adapter: mysql2
  encoding: utf8
  reconnect: false
  database: CASinoApp
  pool: 5
  username: root
  password: giorgio
  socket: /var/run/mysqld/mysqld.sock

and my users table is:

mysql> desc users;
+----------+-------------+------+-----+---------+----------------+
| Field    | Type        | Null | Key | Default | Extra          |
+----------+-------------+------+-----+---------+----------------+
| idusers  | int(11)     | NO   | PRI | NULL    | auto_increment |
| username | varchar(45) | YES  |     | NULL    |                |
| password | varchar(45) | YES  |     | NULL    |                |
| email    | varchar(45) | YES  |     | NULL    |                |
| fullname | varchar(45) | YES  |     | NULL    |                |
| level    | int(11)     | YES  |     | NULL    |                |
+----------+-------------+------+-----+---------+----------------+
6 rows in set (0.03 sec)

PS: I put a minus - before # to avoid automatic bold chars

@luxflux
Member

luxflux commented Mar 15, 2013

I allowed myself to edit your comment. You can use three ` to create code blocks.

This looks good so far. What does a row from the users table look like?
The password has to be hashed with a salt. You can create a password hash with salt for the password pw123 like this:

bundle exec ruby -rbcrypt -e 'puts BCrypt::Password.create("pw123")'

@ghost ghost assigned luxflux Mar 15, 2013
@gbonline
Author

Thanks for the help!
I had not understood that passwords need to be hashed. I've inserted plain text pwd in the users table.
Now I've updated the password field length, I've updated the field with the string from your BCrypt command, and now I can login!!
In the example for rubycas-server there is a reference if you need hashed pwds, so I thought that in casinoapp the pwd was plain text since I did not find any different indication.
Last thing: does MySQL have a function for encoding a text to insert into the password field, so I can use an SQL insert statement, or do I need an extra app for user management?
Thanks

@luxflux
Member

luxflux commented Mar 15, 2013

That's good to hear!

As cleartext passwords are really insecure, we just don't support them. I don't know of any function to create hashed and salted passwords with MySQL only. PostgreSQL has support for this: http://www.postgresql.org/docs/8.3/static/pgcrypto.html .

The user management is not part of CASinoApp, so you may want to generate the hash with the command above and use it in your SQL statement.

@luxflux luxflux closed this as completed Mar 15, 2013
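
As an added illustration (not part of the original thread and not CASino code): a stdlib-only Ruby audit of values read from a password column, flagging plaintext entries and bcrypt strings that were cut short, plus a check that a column type such as the thread's `varchar(45)` can hold the 60-character bcrypt string. Helper names and sample rows are constructed for this example.

```ruby
# Added example, not CASino code. Helper names and sample rows are constructed.
# A bcrypt string is "$2a$" + 2-digit cost + "$" + 22-char salt + 31-char digest = 60 chars.
BCRYPT_LEN = 60
BCRYPT_FULL = %r{\A\$(2[abxy]?)\$(\d{2})\$[./A-Za-z0-9]{22}[./A-Za-z0-9]{31}\z}
BCRYPT_PREFIX = %r{\A\$2[abxy]?\$\d{2}\$[./A-Za-z0-9]*\z}

# Classify one value read from the password column.
def classify_password_value(value)
  return { status: :empty } if value.nil? || value.empty?
  if (m = BCRYPT_FULL.match(value))
    cost = m[2].to_i
    return { status: :invalid_cost } unless (4..31).cover?(cost)
    return { status: :bcrypt, cost: cost }
  end
  if value.length < BCRYPT_LEN && BCRYPT_PREFIX.match?(value)
    # Starts like a bcrypt string but was cut off, e.g. by a too-narrow column.
    return { status: :truncated_bcrypt, missing: BCRYPT_LEN - value.length }
  end
  { status: :not_bcrypt } # plaintext or some other scheme
end

# True when a CHAR/VARCHAR column type from `desc users` can hold a full hash.
def column_fits_bcrypt?(sql_type)
  m = /\A(?:var)?char\((\d+)\)\z/i.match(sql_type.strip)
  !m.nil? && m[1].to_i >= BCRYPT_LEN
end

# Return { username => classification } for every row without a usable hash.
def audit_rows(rows)
  rows.each_with_object({}) do |(user, value), bad|
    result = classify_password_value(value)
    bad[user] = result unless result[:status] == :bcrypt
  end
end

# Constructed, syntactically valid bcrypt string (not the hash of a real password).
SAMPLE_HASH = '$2a$10$' + 'abcdefghijklmnopqrstuv' + 'ABCDEFGHIJKLMNOPQRSTUVWXYZ01234'
SAMPLE_ROWS = {
  'alice' => SAMPLE_HASH,        # stored correctly
  'bob'   => 'pw123',            # plaintext, as first inserted in the thread
  'carol' => SAMPLE_HASH[0, 45]  # a hash cut to 45 characters
}

if __FILE__ == $PROGRAM_NAME
  puts "varchar(45) fits bcrypt: #{column_fits_bcrypt?('varchar(45)')}"
  audit_rows(SAMPLE_ROWS).each { |user, r| puts "#{user}: #{r}" }
end
```
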
@vmahindra-c

Hi,
I have a problem logging in with users which I created in casino_users using a mysql2 database. My cas.yml file is:
defaults: &defaults
  login_ticket:
    lifetime: 600
  service_ticket:
    lifetime_unconsumed: 300
    lifetime_consumed: 86400
  proxy_ticket:
    lifetime_unconsumed: 300
    lifetime_consumed: 86400
  frontend:
    sso_name: "CASino"
    footer_text: "Powered by <a href=\"http://rbcas.com/\">CASino</a>"

development:
  <<: *defaults
  authenticators:
    my_company_sql_database:
      authenticator: "ActiveRecord"
      options:
        connection:
          adapter: "mysql2"
          host: "localhost"
          username: "root"
          password: "maheshwari"
          database: "CASinoApp"
        table: "casino_users"
        username_column: "username"
        password_column: "password"
        extra_attributes:
          email: "email_database_column"
          fullname: "displayname_database_column"

test:
  <<: *defaults
  authenticators:
    static:
      class: "CASino::StaticAuthenticator"
      options:
        users:
          testuser:
            password: "foobar123"

production:
  <<: *defaults
  authenticators:
    my_company_ldap:
      authenticator: "LDAP"
      options:
        host: "localhost"
        port: 12445
        base: "dc=users,dc=example.com"
        username_attribute: "uid"
        encryption: "simple_tls"
        extra_attributes:
          email: "mail

and my database.yml is:

development:
  adapter: mysql2
  encoding: utf8
  reconnect: false
  database: CASinoApp
  pool: 5
  username: root
  password: maheshwari
  socket: /var/run/mysqld/mysqld.sock

casino_users table:

+----+---------------+----------+-------------------------------------------------------------+---------------------+---------------------+
| id | authenticator | username | extra_attributes | created_at | updated_at |
+----+---------------+----------+-------------------------------------------------------------+---------------------+---------------------+
| 1 | vijay | vijay | NULL | NULL | NULL |
| 2 | static | testuser | --- !ruby/hash:ActiveSupport::HashWithIndifferentAccess {} | 2015-06-29 10:42:36 | 2015-06-29 12:43:32 |
| 3 | vijay1 | vijay123 | --- !ruby/hash:ActiveSupport::HashWithIndifferentAccess | 2015-06-30 10:42:36 | 2015-06-29 12:46:32 |
| 4 | vijay2 | vijay123 | --- !ruby/hash:ActiveSupport::HashWithIndifferentAccess {} | 2015-06-30 10:42:36 | 2015-06-29 12:46:32 |
+----+---------------+----------+-------------------------------------------------------------+---------------------+---------------------+
