linux user
2006-Aug-07 17:43 UTC
[Rails] User Authentication and Authorization with SiteMinder
Hi All I am new the RoR and would like some advice on how to integrate SiteMinder authentication/authorization in my Rails app. For those who are not aware SiteMinder authenticates users and then redirects the user back to the application that requested authentication while setting response header which look something like this cn=ROWRACCEPTED,ou=status,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=K00165,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=K00166,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=K00199,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=L00025,ou=Route_Planner,ou=roles,ou=wr,ou=apps,dc=dev,dc=wm,dc=com^cn=ROCCACCEPTED,ou=status,ou=cc,ou=apps,dc=dev,dc=wm,dc=com^cn=H00001,ou=ROCCEADMIN,ou=roles,ou=cc,ou=apps,dc=dev,dc=wm,dc=com^cn=ROCEACCEPTED,ou=status,ou=ce,ou=apps,dc=dev,dc=wm,dc=com^cn=H00001,ou=ROSSAdministrator,ou=roles,ou=ss,ou=apps,dc=dev,dc=wm,dc=com^cn=ROSSACCEPTED,ou=status,ou=ce,ou=apps,dc=dev,dc=wm,dc=com^cn=S02881,ou=ROSSPictureUploader,ou=roles,ou=ss,ou=apps,dc=dev,dc=wm,dc=com^cn=ROSSACCEPTED,ou=status,ou=ce,ou=apps,dc=dev,dc=wm,dc=com^cn=H00001,ou=ROSSAdministrator,ou=roles,ou=ss,ou=apps,dc=dev,dc=wm,dc=com SSDEV I have no problem parsing these headers but I want a comprehensive solution for my needs. I looked into ActiveRBAC but I think its an overkill, I would like to use ''before_filter'' technique to protect actions against users whose roles donot grant them certain permissions. But I don''t want to implement my own User/Role inheritance object graph, I would rather re-use some kind of plug-in/component etc. Would you guys recommend any for SiteMinder integration. thanks -daya -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060807/4f611be0/attachment.html
Francis Cianfrocca
2006-Aug-07 17:53 UTC
[Rails] Re: User Authentication and Authorization with SiteMinder
linux user wrote:> Hi All > > I want a comprehensive solution for my needs.What is the limitation of just parsing SM''s headers that makes it non-comprehensive for your needs? Also, SM has built-in authorization policy engine that you can use to control URLs in your site (although as far as I can tell most people use SM for authentication only). -- Posted via http://www.ruby-forum.com/.
linux user
2006-Aug-07 18:11 UTC
[Rails] Re: User Authentication and Authorization with SiteMinder
On 8/7/06, Francis Cianfrocca <garbagecat10@gmail.com> wrote:> > linux user wrote: > > Hi All > > > > I want a comprehensive solution for my needs. > > What is the limitation of just parsing SM''s headers that makes it > non-comprehensive for your needs? Also, SM has built-in authorization > policy engine that you can use to control URLs in your site (although as > far as I can tell most people use SM for authentication only). > > -- > Posted via http://www.ruby-forum.com/. > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >I was looking for out-of-the-box solution incase somebody had already implemented some kind of plugin/engine which seamlessly weaves into my web-app and provides easy integration just like ActiveRBAC does. I am sure this is a common requirement in many enterprise applications and it would be very cool to have a engine/plugin of some kind. Does anybody know of any? -daya -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060807/3abfefb2/attachment-0001.html