
Merge branch 'upstream'

Conflicts:
	lib/casclient/frameworks/rails/filter.rb
	rubycas-client.gemspec
2 parents 0004a1d + 3a5b5e7 commit 71c79dd9417091e32014a54d578dcaf45d32ed5c @soupmatt soupmatt committed
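--- a/README.rdoc
+++ b/README.rdoc
@@ -38,6 +38,9 @@ API documentation (i.e. the RDocs) are available at http://rubycas-client.rubyfo
 <b>NOTE:</b> For compatibility with Rails 3 have a look at https://github.com/zuk/rubycas-client-rails
+The current version of RubyCAS-Client should work with Rails 2.3.6 and up. For compatibility with
+older Rails try using an older version of the client.
+
 You can download the latest version of RubyCAS-Client from the project's rubyforge page at
 http://rubyforge.org/projects/rubycas-client.
@@ -107,7 +110,7 @@ Here is a more complicated configuration showing most of the configuration optio
 (this does not show proxy options, which are covered in the next section):
 # enable detailed CAS logging
- cas_logger = CASClient::Logger.new(RAILS_ROOT+'/log/cas.log')
+ cas_logger = CASClient::Logger.new(::Rails.root+'/log/cas.log')
 cas_logger.level = Logger::DEBUG
 CASClient::Frameworks::Rails::Filter.configure(
@@ -148,7 +151,7 @@ notify the client application that the CAS session is closed. The client will au
 requsts from the CAS server, but in order for this to work you must configure your Rails application as follows:
 1. The Rails session store must be set to ActiveRecord: <tt>config.action_controller.session_store = :active_record_store</tt>
-2. The server must be able to read and write to RAILS_ROOT/tmp/sessions. If you are in a clustered environment,
+2. The server must be able to read and write to Rails.root/tmp/sessions. If you are in a clustered environment,
 the contents of this directory must be shared between all server instances.
 3. Cross-site request forgery protection must be disabled. In your <tt>application.rb</tt>: <tt>self.allow_forgery_protection = false</tt>.
 (Or rather you may want to disable forgery protection only for actions that are behind the CAS filter.)
@@ -229,7 +232,7 @@ all you need to do is this:
 In your <tt>config/environment.rb</tt>:
 # enable detailed CAS logging for easier troubleshooting
- cas_logger = CASClient::Logger.new(RAILS_ROOT+'/log/cas.log')
+ cas_logger = CASClient::Logger.new(::Rails.root+'/log/cas.log')
 cas_logger.level = Logger::DEBUG
 CASClient::Frameworks::Rails::Filter.configure(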
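--- a/examples/rails/config/boot.rb
+++ b/examples/rails/config/boot.rb
@@ -1,7 +1,7 @@
 # Don't change this file!
 # Configure your app in config/environment.rb and config/environments/*.rb
-RAILS_ROOT = "#{File.dirname(__FILE__)}/.." unless defined?(RAILS_ROOT)
+Rails.root = "#{File.dirname(__FILE__)}/.." unless defined?(Rails.root)
 module Rails
 class << self
@@ -21,7 +21,7 @@ def pick_boot
 end
 def vendor_rails?
- File.exist?("#{RAILS_ROOT}/vendor/rails")
+ File.exist?("#{Rails.root}/vendor/rails")
 end
 def preinitialize
@@ -29,7 +29,7 @@ def preinitialize
 end
 def preinitializer_path
- "#{RAILS_ROOT}/config/preinitializer.rb"
+ "#{Rails.root}/config/preinitializer.rb"
 end
 end
@@ -42,7 +42,7 @@ def run
 class VendorBoot < Boot
 def load_initializer
- require "#{RAILS_ROOT}/vendor/rails/railties/lib/initializer"
+ require "#{Rails.root}/vendor/rails/railties/lib/initializer"
 Rails::Initializer.run(:install_gem_spec_stubs)
 end
 end
@@ -99,7 +99,7 @@ def parse_gem_version(text)
 private
 def read_environment_rb
- File.read("#{RAILS_ROOT}/config/environment.rb")
+ File.read("#{Rails.root}/config/environment.rb")
 end
 end
 end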
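Review bot: The new first statement, `Rails.root = "#{File.dirname(__FILE__)}/.." unless defined?(Rails.root)`, runs before `module Rails` is opened on the following line, so unless something outside this file has already loaded Rails, `defined?(Rails.root)` is nil and the assignment raises NameError on the uninitialized constant. Nothing visible in the section defines a `root=` writer either. This looks like a mechanical RAILS_ROOT rename applied to the one file whose job is to establish the root before the framework is loaded. I would keep `RAILS_ROOT = "#{File.dirname(__FILE__)}/.." unless defined?(RAILS_ROOT)` here, together with the `#{RAILS_ROOT}` interpolations in vendor_rails?, preinitializer_path, load_initializer and read_environment_rb. The module and class bodies continue outside the hunks shown.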
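--- a/examples/rails/config/environment.rb
+++ b/examples/rails/config/environment.rb
@@ -24,7 +24,7 @@
 # More complicated configuration
-#cas_logger = CASClient::Logger.new(RAILS_ROOT+'/log/cas.log')
+#cas_logger = CASClient::Logger.new(Rails.root+'/log/cas.log')
 #cas_logger.level = Logger::DEBUG
 #
 #CASClient::Frameworks::Rails::Filter.configure(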
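Review bot: The commented example `Rails.root+'/log/cas.log'` resolves to `/log/cas.log` when `Rails.root` is a Pathname, because `Pathname#+` given an argument that starts with `/` returns that absolute path instead of appending it. Anyone who uncomments the line would send the DEBUG-level CAS log, which may contain ticket values, to an unintended location at the filesystem root, or fail to open it. I would write `#cas_logger = CASClient::Logger.new(Rails.root.join('log', 'cas.log').to_s)`. The two `::Rails.root+'/log/cas.log'` examples in README.rdoc have the same problem.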
0 examples/rails/script/about 100755 → 100644
File mode changed.
0 examples/rails/script/console 100755 → 100644
File mode changed.
0 examples/rails/script/server 100755 → 100644
File mode changed.
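--- a/lib/casclient/client.rb
+++ b/lib/casclient/client.rb
@@ -1,7 +1,7 @@
 module CASClient
 # The client brokers all HTTP transactions with the CAS server.
 class Client
- attr_reader :cas_base_url
+ attr_reader :cas_base_url, :cas_destination_logout_param_name
 attr_reader :log, :username_session_key, :extra_attributes_session_key
 attr_reader :ticket_store
 attr_writer :login_url, :validate_url, :proxy_url, :logout_url, :service_url
@@ -23,6 +23,7 @@ def configure(conf)
 end
 @cas_base_url = conf[:cas_base_url].gsub(/\/$/, '')
+ @cas_destination_logout_param_name = conf[:cas_destination_logout_param_name]
 @login_url = conf[:login_url]
 @logout_url = conf[:logout_url]
@@ -44,6 +45,10 @@ def configure(conf)
 @conf_options = conf
 end
+ def cas_destination_logout_param_name
+ @cas_destination_logout_param_name || "destination"
+ end
+
 def login_url
 @login_url || (cas_base_url + "/login")
 end
@@ -80,7 +85,7 @@ def logout_url(destination_url = nil, follow_url = nil)
 if destination_url || follow_url
 uri = URI.parse(url)
 h = uri.query ? query_to_hash(uri.query) : {}
- h['destination'] = destination_url if destination_url
+ h[cas_destination_logout_param_name] = destination_url if destination_url
 h['url'] = follow_url if follow_url
 uri.query = hash_to_query(h)
 uri.to_s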
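Review bot: `cas_destination_logout_param_name` is now defined twice: the entry added to `attr_reader` at the top of the class is shadowed by the explicit method that supplies the `"destination"` default, so the reader entry is dead code and should be dropped from the list. The fallback also covers only nil, so a blank `conf[:cas_destination_logout_param_name]` would produce an empty query key in `logout_url`; `@cas_destination_logout_param_name.to_s.empty? ? "destination" : @cas_destination_logout_param_name` would cover that case. A one-line comment on the new method, such as `# Name of the query parameter that carries the post-logout destination URL (default "destination").`, would document the option. configure and logout_url continue outside the hunks shown.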
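--- a/lib/casclient/frameworks/rails/cas_proxy_callback_controller.rb
+++ b/lib/casclient/frameworks/rails/cas_proxy_callback_controller.rb
@@ -37,6 +37,6 @@ def render_error(msg)
 end
 def open_pstore
- PStore.new("#{RAILS_ROOT}/tmp/cas_pgt.pstore")
+ PStore.new("#{::Rails.root}/tmp/cas_pgt.pstore")
 end
 end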
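--- a/lib/casclient/frameworks/rails/filter.rb
+++ b/lib/casclient/frameworks/rails/filter.rb
@@ -2,7 +2,7 @@ module CASClient
 module Frameworks
 module Rails
 class Filter
- cattr_reader :config, :log, :client
+ cattr_reader :config, :log, :client, :fake_user, :fake_extra_attribues
 # These are initialized when you call configure.
 @@config = nil
@@ -133,7 +133,7 @@ def filter(controller)
 def configure(config)
 @@config = config
- @@config[:logger] = RAILS_DEFAULT_LOGGER unless @@config[:logger]
+ @@config[:logger] = ::Rails.logger unless @@config[:logger]
 @@client = CASClient::Client.new(config)
 @@log = client.log
 end
@@ -279,8 +279,10 @@ def single_sign_out(controller)
 if controller.request.post? &&
 controller.params['logoutRequest'] &&
- controller.params['logoutRequest'] =~
- %r{^<samlp:LogoutRequest.*?<samlp:SessionIndex>(.*)</samlp:SessionIndex>}m
+ #This next line checks the logoutRequest value for both its regular and URI.escape'd form. I couldn't get
+ #it to work without URI.escaping it from rubycas server's side, this way it will work either way.
+ [controller.params['logoutRequest'],URI.unescape(controller.params['logoutRequest'])].find{|xml| xml =~
+ %r{^<samlp:LogoutRequest.*?<samlp:SessionIndex>(.*)</samlp:SessionIndex>}m}
 # TODO: Maybe check that the request came from the registered CAS server? Although this might be
 # pointless since it's easily spoofable...
 si = $~[1]
@@ -335,7 +337,7 @@ def read_service_url(controller)
 end
 end
 end
-
+
 class GatewayFilter < Filter
 def self.use_gatewaying?
 return true unless @@config[:use_gatewaying] == false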
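Review bot: In single_sign_out the session index is still read from `$~[1]` after the new `find` block, so which candidate matched is implicit, and the second candidate percent-decodes `controller.params['logoutRequest']` once more on top of whatever decoding the framework has already applied to the parameter. Together with `^` (start of any line, not start of the string) and the greedy `(.*)` under `/m`, the condition accepts more than a single well-formed LogoutRequest, on an action whose own TODO says the sender is not verified. I would bind the match explicitly and tighten the pattern, e.g. `m = [raw, URI.unescape(raw)].map { |xml| xml.match(%r{\A<samlp:LogoutRequest.*?<samlp:SessionIndex>([^<]*)</samlp:SessionIndex>}m) }.compact.first` with `raw = controller.params['logoutRequest'].to_s`, then `si = m[1]`; keep `^` only if the server is known to send an XML declaration first. The added comment should also say which server versions send the escaped form, so the fallback can be removed later. The `if` body continues outside the hunk.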
