Hi All, I''m taking on a re-write project for a ticketing system solution and my company uses ASP.net with IIS. I want to build the new ticketing system with Rails as I believe it to be a much cleaner long term solution, and add to that I don''t care for ASP and how it handles sessions. I''ve searched long and hard and a lot of posts and information out there are pretty out dated in terms of NTLM or (integrated windows authentication) as it''s now called working with Rails. I will not be using IIS thankfully and would rather go an Apache route with a mod to handle initial authentication through windows active directory. We use IE8 and it should pass through perfectly. But, I need to know what I''m getting into and would like to look over as many resources as possible before I fully commit to this project. So, with that said, what resources am I going to need to work on this? I''m fully familiar with Ruby 1.8.7, 1.9.1, and 1.9.2 and Rails version 2.x and 3.x, including rails 3.1. I normally use apache + passenger + rails when going to production on a linux server. How would you approach this and what pieces would you opt for, given this scenario? And, any updated links on where to go with this? Thanks for your time. -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
ntlm is used only for workgroups, domains use ldap to access the DS, devise has a plugin for ldap. https://github.com/cschiewek/devise_ldap_authenticatable -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Hey Alpha, As "radhames brito" pointed out, you can use a plug-in for LDAP authentication with Devise (a popular authentication system) to facilitate authentication with ActiveDirectory. I had to build a few systems like this a couple years ago, and at the time all I had available was a simple LDAP gem to facilitate communication. From an overview perspective, it''s pretty simple. Your web application can accept username/password parameters, then ask your AD server to authenticate that user via a standard LDAP connection using a gem like "ruby-net-ldap". The server responds, and your application can act accordingly. Implementation-wise, AD is Microsoft''s LDAP system; you can interface with it pretty-much just like any other LDAP server, though I believe it has some unique qualities that make it a little bit "special". One tool I found absolutely invaluable when doing this before was Apache''s LDAP tool, "Apache Directory Studio" - http://directory.apache.org/. It can form a connection to your AD server and let you discover all the "hidden" properties of tree nodes that Microsoft''s built-in AD browser won''t tell you. You may need that when figuring out which tree to use when authenticating users (depending on how your LDAP setup works) or other potentially valuable items stored therein. Unfortunately, I can''t comment on how Devise does LDAP authentication as I haven''t used it before (I don''t think it existed at the time I had to build the equivalent a few years back). I''d recommend trying to use it first, and if you can''t quite get that working, you can go "deep dive" and brew your own. Generally speaking though, using a standardized and properly maintained authentication system like Devise is a better way to go, so I''d recommend that approach starting out. I hope this helps you at least get an idea of where to start. Good luck! On Mar 27, 9:19 pm, Alpha Blue <li...-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> Hi All, > > I''m taking on a re-write project for a ticketing system solution and my > company uses ASP.net with IIS. I want to build the new ticketing system > with Rails as I believe it to be a much cleaner long term solution, and > add to that I don''t care for ASP and how it handles sessions. > > I''ve searched long and hard and a lot of posts and information out there > are pretty out dated in terms of NTLM or (integrated windows > authentication) as it''s now called working with Rails. > > I will not be using IIS thankfully and would rather go an Apache route > with a mod to handle initial authentication through windows active > directory. We use IE8 and it should pass through perfectly. > > But, I need to know what I''m getting into and would like to look over as > many resources as possible before I fully commit to this project. So, > with that said, what resources am I going to need to work on this? > > I''m fully familiar with Ruby 1.8.7, 1.9.1, and 1.9.2 and Rails version > 2.x and 3.x, including rails 3.1. I normally use apache + passenger + > rails when going to production on a linux server. > > How would you approach this and what pieces would you opt for, given > this scenario? And, any updated links on where to go with this? > > Thanks for your time. > > -- > Posted viahttp://www.ruby-forum.com/.-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Thanks for the input guys. I didn''t realize that devise had ldap authentication built in. I''ll take a look at that and also will look at Apache Directory Studio. I appreciate the tips and links. -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On Mon, Mar 28, 2011 at 8:16 AM, Alpha Blue <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> Thanks for the input guys. I didn''t realize that devise had ldap > authentication built in. I''ll take a look at that and also will look at > Apache Directory Studio. > >Is not build in, you have to another gem to it, is a plugin -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.