Rails - Feb 2006 - Rails and Windows Active Directory Authentication?

Hello All, I know there is a component for integrating LDAP with Rails but
is anyone doing any Windows Active Directory Authentication to a Rails app?

I am rebuilding a site that was constructed out of asp and I would like to
rebuild/improve it via rails. On the requirements side I will need to
communicate with Active Directory and I will be required to use MSSQL for
the database. Can anyone point me towards some tutorials, examples etc.
where I can see how others are tackling issues with bringing Rails into an
MS dominant enterprise. I may be able to convince the managers to allow me
to bring in a server that''s configured with Linux, Lighty and FCGI or
SCGI
but I will still need to contend with AD Authentication and legacy data
stored on several MSSQL servers. Any guidance will be much appreciated.

I need to log in via AD and then set  various session variables that
will/can be used throughout a users session. Any examples?

Thank you!
--
Kind Regards,
Mike Ickes
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://wrath.rubyonrails.org/pipermail/rails/attachments/20060221/9bd1636e/attachment-0001.html

> On the requirements side I will need to
> communicate with Active Directory and I will be required to use MSSQL for
> the database. Can anyone point me towards some tutorials, examples etc.
> where I can see how others are tackling issues with bringing Rails into an
> MS dominant enterprise.
For MS AD authentication I am currently using:
  * Installed ruby-ldap
  * Installed login_generator gem and let the generator build its basic setup
  * Modified the generated user model:
        require ''ldap''
        require ''ldap/control''

        class User
          def self.authenticate(username, password)
            return false if username.to_s.size == 0
            return false if password.to_s.size == 0

            conn = LDAP::Conn.new("<AD SERVER NAME>", 389)

            conn.set_option( LDAP::LDAP_OPT_PROTOCOL_VERSION, 3 )

            begin
              conn.simple_bind(username, password)
            rescue
              return false
            end

            return conn.bound?
          end
        end

For access to MSSQL (from rails on Linux), I did use:
  * Installed and configured ODBC on the Linux box to connect to MS SQL
  * Used an adapted ActiveRecord connection adapter:
        # odbc_adapter.rb -- ActiveRecord adapter for ODBC
        #
        # adapted from:
        #   sqlserver_adapter.rb -- ActiveRecord adapter for Microsoft
SQL Server
        #
        #   Author: Joey Gibson <joey@joeygibson.com>
        #   Date:   10/14/2004
        #
        #   Modifications: DeLynn Berry <delynnb@megastarfinancial.com>
        #   Date: 3/22/2005

>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 21 Feb 2006 13:41:32 -0500
> From: brabuhr@gmail.com
> Subject: Re: [Rails] Rails and Windows Active Directory
>         Authentication?
> To: rails@lists.rubyonrails.org
> Message-ID:
>         <55fa96700602211041v77a39682m4bc5b65b1216a94@mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> > On the requirements side I will need to
> > communicate with Active Directory and I will be required to use MSSQL
> for
> > the database. Can anyone point me towards some tutorials, examples
etc.
> > where I can see how others are tackling issues with bringing Rails
into
> an
> > MS dominant enterprise.
>
> For MS AD authentication I am currently using:
>   * Installed ruby-ldap
>   * Installed login_generator gem and let the generator build its basic
> setup
>   * Modified the generated user model:
>         require ''ldap''
>         require ''ldap/control''
>
>         class User
>           def self.authenticate(username, password)
>             return false if username.to_s.size == 0
>             return false if password.to_s.size == 0
>
>             conn = LDAP::Conn.new("<AD SERVER NAME>", 389)
>
>             conn.set_option( LDAP::LDAP_OPT_PROTOCOL_VERSION, 3 )
>
>             begin
>               conn.simple_bind(username, password)
>             rescue
>               return false
>             end
>
>             return conn.bound?
>           end
>         end
>
> For access to MSSQL (from rails on Linux), I did use:
>   * Installed and configured ODBC on the Linux box to connect to MS SQL
>   * Used an adapted ActiveRecord connection adapter:
>         # odbc_adapter.rb -- ActiveRecord adapter for ODBC
>         #
>         # adapted from:
>         #   sqlserver_adapter.rb -- ActiveRecord adapter for Microsoft
> SQL Server
>         #
>         #   Author: Joey Gibson <joey@joeygibson.com>
>         #   Date:   10/14/2004
>         #
>         #   Modifications: DeLynn Berry
<delynnb@megastarfinancial.com>
>         #   Date: 3/22/2005
>
>
>
Thank you very much for this start. Are you storing any objects (aside from
user & pass) in AD that you are retrieving into the session hash?

Again, many thanks!

--
Kind Regards,
Mike Ickes
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://wrath.rubyonrails.org/pipermail/rails/attachments/20060221/e34e3108/attachment.html

> > For MS AD authentication I am currently using:
> >   * Installed ruby-ldap
> >   * Installed login_generator gem and let the generator build its
basic
> setup
> >   * Modified the generated user model:
>
> Thank you very much for this start. Are you storing any objects (aside from
> user & pass) in AD that you are retrieving into the session hash?
At present, I''m just using AD for an authentication yes/no.  I will
soon need
some authorization, but have not yet decided how I want to proceed.  I want to
look at Ezra Zygmuntowicz''s acl_system plugin and perhaps hook that in
with
LDAP to map AD groups to application roles.

I explored ActiveLDAP for a time, but it has more features than I needed and
I didn''t want to mess around at the time with getting access to the
schema so
it could be "Active".

On 2/21/06, brabuhr@gmail.com <brabuhr@gmail.com>
wrote:
> > On the requirements side I will need to
> > communicate with Active Directory and I will be required to use MSSQL
for
> > the database. Can anyone point me towards some tutorials, examples
etc.
> > where I can see how others are tackling issues with bringing Rails
into an
> > MS dominant enterprise.
>
> For MS AD authentication I am currently using:
>   * Installed ruby-ldap
>   * Installed login_generator gem and let the generator build its basic
setup
You''re doing this from Linux, right?  To my knowledge, Ruby/LDAP still
doesn''t work on Windows.  With the help of the maintainer, I finally
managed to make it build, but it instantly segfaults the interpreter
when you touch it in any way.

> > For MS AD authentication I am currently using:
> >   * Installed ruby-ldap
> >   * Installed login_generator gem and let the generator build its
basic setup
>
> You''re doing this from Linux, right?  To my knowledge, Ruby/LDAP
still
> doesn''t work on Windows.  With the help of the maintainer, I
finally
> managed to make it build, but it instantly segfaults the interpreter
> when you touch it in any way.
Yes, Linux.

Here''s a strange bug:

Mac OS X 10.4.5
OpenLDAP - provided my MAC OS X
Ruby-LDAP 0.9.3
Rails 1.0.0

Compiled and loaded Ruby-LDAP.  Wrote a test script, and instantly  
talking to a Windows
Active Directory server.

Fire up the Rails console:

wilig$ script/console
Loading development environment.
 >> require ''ldap''
=> true
 >> require ''ldap/control''
=> true
 >> LDAP::Conn.new(''windowads'', 396)
(irb):3: [BUG] Bus Error
ruby 1.8.4 (2005-12-24) [powerpc-darwin8.4.0]

Abort trap
wilig$


Freaking odd.  What in initializer.rb is doing me so wrong?

Thanks for any insight.

-wilig

I''m also getting this Abor trap message when using script/console.

It works just fine using straight irb and it is also working fine  
when running through webrick.

It sure is weird. Not sure what is so different about script/console  
than the other methods.


darktower$ ./script/console
Loading development environment.
 >> require ''ldap''
=> true
 >> require ''ldap/control''
=> true
 >> conn = LDAP::Conn.new(''10.10.10.100'', 389)
(irb):3: [BUG] Bus Error
ruby 1.8.4 (2005-12-24) [powerpc-darwin8.5.0]

Abort trap
darktower$


-Jonathan


On Feb 23, 2006, at 11:17 AM, William Groppe wrote:
> Here''s a strange bug:
>
> Mac OS X 10.4.5
> OpenLDAP - provided my MAC OS X
> Ruby-LDAP 0.9.3
> Rails 1.0.0
>
> Compiled and loaded Ruby-LDAP.  Wrote a test script, and instantly  
> talking to a Windows
> Active Directory server.
>
> Fire up the Rails console:
>
> wilig$ script/console
> Loading development environment.
> >> require ''ldap''
> => true
> >> require ''ldap/control''
> => true
> >> LDAP::Conn.new(''windowads'', 396)
> (irb):3: [BUG] Bus Error
> ruby 1.8.4 (2005-12-24) [powerpc-darwin8.4.0]
>
> Abort trap
> wilig$
>
>
> Freaking odd.  What in initializer.rb is doing me so wrong?
>
> Thanks for any insight.
>
> -wilig
> _______________________________________________
> Rails mailing list
> Rails@lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails

It also fails under Lighttpd, library load path problem?

-wilig

On Feb 23, 2006, at 2:49 PM, Jonathan Younger wrote:
> I''m also getting this Abor trap message when using script/console.
>
> It works just fine using straight irb and it is also working fine  
> when running through webrick.
>
> It sure is weird. Not sure what is so different about script/ 
> console than the other methods.
>
>
> darktower$ ./script/console
> Loading development environment.
> >> require ''ldap''
> => true
> >> require ''ldap/control''
> => true
> >> conn = LDAP::Conn.new(''10.10.10.100'', 389)
> (irb):3: [BUG] Bus Error
> ruby 1.8.4 (2005-12-24) [powerpc-darwin8.5.0]
>
> Abort trap
> darktower$
>
>
> -Jonathan
>
>
> On Feb 23, 2006, at 11:17 AM, William Groppe wrote:
>
>> Here''s a strange bug:
>>
>> Mac OS X 10.4.5
>> OpenLDAP - provided my MAC OS X
>> Ruby-LDAP 0.9.3
>> Rails 1.0.0
>>
>> Compiled and loaded Ruby-LDAP.  Wrote a test script, and instantly  
>> talking to a Windows
>> Active Directory server.
>>
>> Fire up the Rails console:
>>
>> wilig$ script/console
>> Loading development environment.
>> >> require ''ldap''
>> => true
>> >> require ''ldap/control''
>> => true
>> >> LDAP::Conn.new(''windowads'', 396)
>> (irb):3: [BUG] Bus Error
>> ruby 1.8.4 (2005-12-24) [powerpc-darwin8.4.0]
>>
>> Abort trap
>> wilig$
>>
>>
>> Freaking odd.  What in initializer.rb is doing me so wrong?
>>
>> Thanks for any insight.
>>
>> -wilig
>> _______________________________________________
>> Rails mailing list
>> Rails@lists.rubyonrails.org
>> http://lists.rubyonrails.org/mailman/listinfo/rails
>
> _______________________________________________
> Rails mailing list
> Rails@lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails

It''s working for me under lighttpd.

-Jonathan

On Feb 23, 2006, at 12:09 PM, William Groppe wrote:
> It also fails under Lighttpd, library load path problem?
>
> -wilig
>
> On Feb 23, 2006, at 2:49 PM, Jonathan Younger wrote:
>
>> I''m also getting this Abor trap message when using
script/console.
>>
>> It works just fine using straight irb and it is also working fine  
>> when running through webrick.
>>
>> It sure is weird. Not sure what is so different about script/ 
>> console than the other methods.
>>
>>
>> darktower$ ./script/console
>> Loading development environment.
>> >> require ''ldap''
>> => true
>> >> require ''ldap/control''
>> => true
>> >> conn = LDAP::Conn.new(''10.10.10.100'', 389)
>> (irb):3: [BUG] Bus Error
>> ruby 1.8.4 (2005-12-24) [powerpc-darwin8.5.0]
>>
>> Abort trap
>> darktower$
>>
>>
>> -Jonathan
>>
>>
>> On Feb 23, 2006, at 11:17 AM, William Groppe wrote:
>>
>>> Here''s a strange bug:
>>>
>>> Mac OS X 10.4.5
>>> OpenLDAP - provided my MAC OS X
>>> Ruby-LDAP 0.9.3
>>> Rails 1.0.0
>>>
>>> Compiled and loaded Ruby-LDAP.  Wrote a test script, and  
>>> instantly talking to a Windows
>>> Active Directory server.
>>>
>>> Fire up the Rails console:
>>>
>>> wilig$ script/console
>>> Loading development environment.
>>> >> require ''ldap''
>>> => true
>>> >> require ''ldap/control''
>>> => true
>>> >> LDAP::Conn.new(''windowads'', 396)
>>> (irb):3: [BUG] Bus Error
>>> ruby 1.8.4 (2005-12-24) [powerpc-darwin8.4.0]
>>>
>>> Abort trap
>>> wilig$
>>>
>>>
>>> Freaking odd.  What in initializer.rb is doing me so wrong?
>>>
>>> Thanks for any insight.
>>>
>>> -wilig
>>> _______________________________________________
>>> Rails mailing list
>>> Rails@lists.rubyonrails.org
>>> http://lists.rubyonrails.org/mailman/listinfo/rails
>>
>> _______________________________________________
>> Rails mailing list
>> Rails@lists.rubyonrails.org
>> http://lists.rubyonrails.org/mailman/listinfo/rails
>
> _______________________________________________
> Rails mailing list
> Rails@lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails