Hi CAS is a centralized authentication service, and the cas_auth filter can be installed to automatically make your web application authenticate against a CAS server. The SVN path to the plugin is http://svn.ki.se/rails/plugins/cas_auth and a homepage with some information can be found at http://opensource.ki.se/casauth.html For use, just install the plugin in your application and set these attributes in your environment.rb CAS::Filter.login_url CAS::Filter.validate_url CAS::Filter.server_name -- Ola Bini (http://ola-bini.blogspot.com) JvYAML, RbYAML, JRuby and Jatha contributor System Developer, Karolinska Institutet (http://www.ki.se) OLogix Consulting (http://www.ologix.com) "Yields falsehood when quined" yields falsehood when quined.
Ola: This is very nice. We''ve been using our own drop-in controller for this but I like what you''ve done. We''ll try your plugin on a couple of our systems and report back to you if there are errors. On 7/14/06, Ola Bini <ola.bini@ki.se> wrote:> > Hi > > CAS is a centralized authentication service, and the cas_auth filter can > be installed to automatically make your web application authenticate > against a CAS server. The SVN path to the plugin is > http://svn.ki.se/rails/plugins/cas_auth > and a homepage with some information can be found at > http://opensource.ki.se/casauth.html > > For use, just install the plugin in your application and set these > attributes in your environment.rb > CAS::Filter.login_url > CAS::Filter.validate_url > CAS::Filter.server_name > > -- > Ola Bini (http://ola-bini.blogspot.com) > JvYAML, RbYAML, JRuby and Jatha contributor > System Developer, Karolinska Institutet (http://www.ki.se) > OLogix Consulting (http://www.ologix.com) > > "Yields falsehood when quined" yields falsehood when quined. > > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >-------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060714/3ab4f8cb/attachment.html
To use this plugin, would I need to setup a CAS server for my company? -Larry On 7/14/06, Brian Hogan <bphogan@gmail.com> wrote:> > Ola: > > This is very nice. We''ve been using our own drop-in controller for this > but I like what you''ve done. We''ll try your plugin on a couple of our > systems and report back to you if there are errors. > > > > > On 7/14/06, Ola Bini <ola.bini@ki.se> wrote: > > > > Hi > > > > CAS is a centralized authentication service, and the cas_auth filter can > > be installed to automatically make your web application authenticate > > against a CAS server. The SVN path to the plugin is > > http://svn.ki.se/rails/plugins/cas_auth > > and a homepage with some information can be found at > > http://opensource.ki.se/casauth.html > > > > For use, just install the plugin in your application and set these > > attributes in your environment.rb > > CAS::Filter.login_url > > CAS::Filter.validate_url > > CAS::Filter.server_name > > > > -- > > Ola Bini (http://ola-bini.blogspot.com ) > > JvYAML, RbYAML, JRuby and Jatha contributor > > System Developer, Karolinska Institutet (http://www.ki.se) > > OLogix Consulting (http://www.ologix.com ) > > > > "Yields falsehood when quined" yields falsehood when quined. > > > > > > _______________________________________________ > > Rails mailing list > > Rails@lists.rubyonrails.org > > http://lists.rubyonrails.org/mailman/listinfo/rails > > > > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails > > >-- Best Regards, -Larry "Work, work, work...there is no satisfactory alternative." --- E.Taft Benson -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060714/82192e1c/attachment.html
Larry Kelly wrote:> To use this plugin, would I need to setup a CAS server for my company? > -Larry >Yes, this is only the client part of such a system. There are many available implementations, though. (But I''m sorry to say that most are in Java, so you''ll have to have at least one Java server in your enterprise. But OTOH, are there any enterprises without Java at this stage?) -- Ola Bini (http://ola-bini.blogspot.com) JvYAML, RbYAML, JRuby and Jatha contributor System Developer, Karolinska Institutet (http://www.ki.se) OLogix Consulting (http://www.ologix.com) "Yields falsehood when quined" yields falsehood when quined.
On 7/14/06, Ola Bini <ola.bini@ki.se> wrote:> Larry Kelly wrote: > > To use this plugin, would I need to setup a CAS server for my company? > > -Larry > > > > Yes, this is only the client part of such a system. There are many > available implementations, though. (But I''m sorry to say that most are > in Java, so you''ll have to have at least one Java server in your > enterprise. But OTOH, are there any enterprises without Java at this stage?)If you just implement CAS 1.0 it''s pretty straight forward. We did our own implementation in mod perl in a couple of days.
snacktime wrote:> On 7/14/06, Ola Bini <ola.bini@ki.se> wrote: >> Larry Kelly wrote: >> > To use this plugin, would I need to setup a CAS server for my company? >> > -Larry >> > >> >> Yes, this is only the client part of such a system. There are many >> available implementations, though. (But I''m sorry to say that most are >> in Java, so you''ll have to have at least one Java server in your >> enterprise. But OTOH, are there any enterprises without Java at this >> stage?) > > If you just implement CAS 1.0 it''s pretty straight forward. We did > our own implementation in mod perl in a couple of days. > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >Hi! Yes, it''s only CAS 1.0, the most rudimentary parts needed to actually get the authentication bits working correctly. And as you say, I know it''s very simple and could probably be done in a Good (TM) language in one or two days. But it''s still a question of time as DM so succinctly sang 20 years ago. -- Ola Bini (http://ola-bini.blogspot.com) JvYAML, RbYAML, JRuby and Jatha contributor System Developer, Karolinska Institutet (http://www.ki.se) OLogix Consulting (http://www.ologix.com) "Yields falsehood when quined" yields falsehood when quined.
You rock. Now I can replace my own half-ass hack of the code from case-western. FYI if you are looking for good stuff on CAS integration of open source stuff do a search on google for " site:case.edu CAS " On Fri, 2006-07-14 at 11:25 +0200, Ola Bini wrote:> Hi > > CAS is a centralized authentication service, and the cas_auth filter can > be installed to automatically make your web application authenticate > against a CAS server. The SVN path to the plugin is > http://svn.ki.se/rails/plugins/cas_auth > and a homepage with some information can be found at > http://opensource.ki.se/casauth.html > > For use, just install the plugin in your application and set these > attributes in your environment.rb > CAS::Filter.login_url > CAS::Filter.validate_url > CAS::Filter.server_name >
Does the CAS filter work with any of the RBAC plugins/engines? I whipped up my own additions to ActiveRBAC to have CAS (1.0) work with it. Jason Edgecombe Erik B. Ordway wrote:> You rock. Now I can replace my own half-ass hack of the code from > case-western. > > FYI if you are looking for good stuff on CAS integration of open source > stuff do a search on google for " site:case.edu CAS " > > On Fri, 2006-07-14 at 11:25 +0200, Ola Bini wrote: > >> Hi >> >> CAS is a centralized authentication service, and the cas_auth filter can >> be installed to automatically make your web application authenticate >> against a CAS server. The SVN path to the plugin is >> http://svn.ki.se/rails/plugins/cas_auth >> and a homepage with some information can be found at >> http://opensource.ki.se/casauth.html >> >> For use, just install the plugin in your application and set these >> attributes in your environment.rb >> CAS::Filter.login_url >> CAS::Filter.validate_url >> CAS::Filter.server_name >> >>
Jason Edgecombe wrote:> Does the CAS filter work with any of the RBAC plugins/engines? > > I whipped up my own additions to ActiveRBAC to have CAS (1.0) work with it. > > Jason Edgecombe >No, not as of now. I would really like to decouple authentication and authorization as completely as possible. I''m going around planning for an authorization plugin that will work with SpocP, though. (SpocP is a centralized generic authorization server, where you can specify rules in almost any way you want to. Somewhat like XACML actually. http://www.spocp.org for more info) -- Ola Bini (http://ola-bini.blogspot.com) JvYAML, RbYAML, JRuby and Jatha contributor System Developer, Karolinska Institutet (http://www.ki.se) OLogix Consulting (http://www.ologix.com) "Yields falsehood when quined" yields falsehood when quined.