User Authentication and Authorization with SiteMinder

Hi All

I am new the RoR and would like some advice on how to integrate
SiteMinder
authentication/authorization in my Rails app.

For those who are not aware SiteMinder authenticates users and then
redirects the user back to the application that requested authentication
while setting response header which look something like this

cn=ROWRACCEPTED,ou=status,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=K00165,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=K00166,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=K00199,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=L00025,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=ROCCACCEPTED,ou=status,ou=cc,ou=apps,dc=dev,dc=wm,dc=com^cn=H00001,ou=ROCCEADMIN,ou=roles,ou=cc,ou=apps,dc=dev,dc=wm,dc=com^cn=ROCEACCEPTED,ou=status,ou=ce,ou=apps,dc=dev,dc=wm,dc=com^cn=H00001,ou=ROSSAdministrator,ou=roles,ou=ss,ou=apps,dc=dev,dc=wm,dc=com^cn=ROSSACCEPTED,ou=status,ou=ce,ou=apps,dc=dev,dc=wm,dc=com^cn=S02881,ou=ROSSPictureUploader,ou=roles,ou=ss,ou=apps,dc=dev,dc=wm,dc=com^cn=ROSSACCEPTED,ou=status,ou=ce,ou=apps,dc=dev,dc=wm,dc=com^cn=H00001,ou=ROSSAdministrator,ou=roles,ou=ss,ou=apps,dc=dev,dc=wm,dc=com
SSDEV

I have no problem parsing these headers but I want a comprehensive
solution
for my needs.

I looked into ActiveRBAC but I think its an overkill, I would like to
use
‘before_filter’ technique to protect actions against users whose roles
donot
grant them certain permissions. But I don’t want to implement my own
User/Role inheritance object graph, I would rather re-use some kind of
plug-in/component etc.

Would you guys recommend any for SiteMinder integration.

thanks
-daya

linux user wrote:

Hi All

I want a comprehensive solution for my needs.

What is the limitation of just parsing SM’s headers that makes it
non-comprehensive for your needs? Also, SM has built-in authorization
policy engine that you can use to control URLs in your site (although as
far as I can tell most people use SM for authentication only).

On 8/7/06, Francis C. [email protected] wrote:


Posted via http://www.ruby-forum.com/.


Rails mailing list
[email protected]
http://lists.rubyonrails.org/mailman/listinfo/rails

I was looking for out-of-the-box solution incase somebody had already
implemented some kind of plugin/engine which seamlessly weaves into my
web-app and provides easy integration just like ActiveRBAC does.

I am sure this is a common requirement in many enterprise applications
and
it would be very cool to have a engine/plugin of some kind. Does anybody
know of any?

-daya

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs