Hi All
I am new the RoR and would like some advice on how to integrate
SiteMinder
authentication/authorization in my Rails app.
For those who are not aware SiteMinder authenticates users and then
redirects the user back to the application that requested authentication
while setting response header which look something like this
cn=ROWRACCEPTED,ou=status,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=K00165,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=K00166,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=K00199,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=L00025,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=ROCCACCEPTED,ou=status,ou=cc,ou=apps,dc=dev,dc=wm,dc=com^cn=H00001,ou=ROCCEADMIN,ou=roles,ou=cc,ou=apps,dc=dev,dc=wm,dc=com^cn=ROCEACCEPTED,ou=status,ou=ce,ou=apps,dc=dev,dc=wm,dc=com^cn=H00001,ou=ROSSAdministrator,ou=roles,ou=ss,ou=apps,dc=dev,dc=wm,dc=com^cn=ROSSACCEPTED,ou=status,ou=ce,ou=apps,dc=dev,dc=wm,dc=com^cn=S02881,ou=ROSSPictureUploader,ou=roles,ou=ss,ou=apps,dc=dev,dc=wm,dc=com^cn=ROSSACCEPTED,ou=status,ou=ce,ou=apps,dc=dev,dc=wm,dc=com^cn=H00001,ou=ROSSAdministrator,ou=roles,ou=ss,ou=apps,dc=dev,dc=wm,dc=com
SSDEV
I have no problem parsing these headers but I want a comprehensive
solution
for my needs.
I looked into ActiveRBAC but I think its an overkill, I would like to
use
‘before_filter’ technique to protect actions against users whose roles
donot
grant them certain permissions. But I don’t want to implement my own
User/Role inheritance object graph, I would rather re-use some kind of
plug-in/component etc.
Would you guys recommend any for SiteMinder integration.
thanks
-daya