[ANN] CAS Authentication filter

Ola_B · July 14, 2006, 11:28am

Hi

CAS is a centralized authentication service, and the cas_auth filter can
be installed to automatically make your web application authenticate
against a CAS server. The SVN path to the plugin is
http://svn.ki.se/rails/plugins/cas_auth
and a homepage with some information can be found at
http://opensource.ki.se/casauth.html

For use, just install the plugin in your application and set these
attributes in your environment.rb
CAS::Filter.login_url
CAS::Filter.validate_url
CAS::Filter.server_name

–
Ola B. (http://ola-bini.blogspot.com)
JvYAML, RbYAML, JRuby and Jatha contributor
System Developer, Karolinska Institutet (http://www.ki.se)
OLogix Consulting (http://www.ologix.com)

“Yields falsehood when quined” yields falsehood when quined.

Ola_B · July 14, 2006, 2:38pm

Ola:

This is very nice. We’ve been using our own drop-in controller for this
but
I like what you’ve done. We’ll try your plugin on a couple of our
systems
and report back to you if there are errors.

Ola_B · July 14, 2006, 7:07pm

To use this plugin, would I need to setup a CAS server for my company?
-Larry

Ola_B · July 14, 2006, 7:58pm

Larry K. wrote:

To use this plugin, would I need to setup a CAS server for my company?
-Larry

Yes, this is only the client part of such a system. There are many
available implementations, though. (But I’m sorry to say that most are
in Java, so you’ll have to have at least one Java server in your
enterprise. But OTOH, are there any enterprises without Java at this
stage?)

–
Ola B. (http://ola-bini.blogspot.com)
JvYAML, RbYAML, JRuby and Jatha contributor
System Developer, Karolinska Institutet (http://www.ki.se)
OLogix Consulting (http://www.ologix.com)

“Yields falsehood when quined” yields falsehood when quined.

Ola_B · July 14, 2006, 8:14pm

snacktime wrote:

stage?)

If you just implement CAS 1.0 it’s pretty straight forward. We did
our own implementation in mod perl in a couple of days.

Rails mailing list
[email protected]
http://lists.rubyonrails.org/mailman/listinfo/rails

Hi!

Yes, it’s only CAS 1.0, the most rudimentary parts needed to actually
get the authentication bits working correctly. And as you say, I know
it’s very simple and could probably be done in a Good ™ language in
one or two days. But it’s still a question of time as DM so succinctly
sang 20 years ago.

–
Ola B. (http://ola-bini.blogspot.com)
JvYAML, RbYAML, JRuby and Jatha contributor
System Developer, Karolinska Institutet (http://www.ki.se)
OLogix Consulting (http://www.ologix.com)

“Yields falsehood when quined” yields falsehood when quined.

Ola_B · July 14, 2006, 8:07pm

On 7/14/06, Ola B. [email protected] wrote:

Larry K. wrote:

To use this plugin, would I need to setup a CAS server for my company?
-Larry

Yes, this is only the client part of such a system. There are many
available implementations, though. (But I’m sorry to say that most are
in Java, so you’ll have to have at least one Java server in your
enterprise. But OTOH, are there any enterprises without Java at this stage?)

If you just implement CAS 1.0 it’s pretty straight forward. We did
our own implementation in mod perl in a couple of days.

Ola_B · July 15, 2006, 5:31am

You rock. Now I can replace my own half-ass hack of the code from
case-western.

FYI if you are looking for good stuff on CAS integration of open source
stuff do a search on google for " site:case.edu CAS "

Ola_B · July 15, 2006, 2:39pm

Does the CAS filter work with any of the RBAC plugins/engines?

I whipped up my own additions to ActiveRBAC to have CAS (1.0) work with
it.

Jason E.

Ola_B · July 15, 2006, 2:47pm

Jason E. wrote:

Does the CAS filter work with any of the RBAC plugins/engines?

I whipped up my own additions to ActiveRBAC to have CAS (1.0) work with it.

Jason E.

No, not as of now. I would really like to decouple authentication and
authorization as completely as possible. I’m going around planning for
an authorization plugin that will work with SpocP, though. (SpocP is a
centralized generic authorization server, where you can specify rules in
almost any way you want to. Somewhat like XACML actually.
http://www.spocp.org for more info)

–
Ola B. (http://ola-bini.blogspot.com)
JvYAML, RbYAML, JRuby and Jatha contributor
System Developer, Karolinska Institutet (http://www.ki.se)
OLogix Consulting (http://www.ologix.com)

“Yields falsehood when quined” yields falsehood when quined.