authlogic_radius 0.0.4 → 0.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +4 -2
- data/lib/authlogic_radius/acts_as_authentic.rb +7 -0
- data/lib/authlogic_radius/session.rb +83 -9
- metadata +13 -4
data/README.rdoc
CHANGED
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
This is a simple gem to allow authentication against a radius server
|
|
5
5
|
|
|
6
6
|
Mostly it is a duplication or authlogic_ldap, with a global replace of "ldap" with "radius"...
|
|
7
|
-
|
|
7
|
+
with a few RADIUS specific bits.
|
|
8
8
|
|
|
9
9
|
|
|
10
10
|
== Links
|
|
@@ -12,7 +12,6 @@ and a few RADIUS specific bits.
|
|
|
12
12
|
* <b>authlogic</b> http://github.com/binarylogic/authlogic
|
|
13
13
|
* <b>authlogic_ldap</b> http://github.com/binarylogic/authlogic_ldap
|
|
14
14
|
|
|
15
|
-
|
|
16
15
|
== Installation
|
|
17
16
|
=== 1. Add fields to your database
|
|
18
17
|
|
|
@@ -52,6 +51,9 @@ and a few RADIUS specific bits.
|
|
|
52
51
|
#optionally
|
|
53
52
|
self.radius_port = 1812
|
|
54
53
|
self.radius_timeout = 2
|
|
54
|
+
self.auto_register = true
|
|
55
|
+
self.auto_register_domain = nil #will create user objects with :email = radius_login@auto_register_domain
|
|
56
|
+
self.auto_register_method = :method_in_user_model_that_configures_new_radius_user
|
|
55
57
|
...
|
|
56
58
|
end
|
|
57
59
|
|
|
@@ -29,6 +29,13 @@ module AuthlogicRadius
|
|
|
29
29
|
if validate_radius_login
|
|
30
30
|
validates_uniqueness_of :radius_login, :scope => validations_scope, :if => :using_radius?
|
|
31
31
|
end
|
|
32
|
+
validates_length_of_password_field_options validates_length_of_password_field_options.merge(:unless => :using_radius?)
|
|
33
|
+
validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:unless => :using_radius?)
|
|
34
|
+
validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:unless => :using_radius?)
|
|
35
|
+
validates_length_of_login_field_options validates_length_of_login_field_options.merge(:unless => :using_radius?)
|
|
36
|
+
validates_uniqueness_of_login_field_options validates_uniqueness_of_login_field_options.merge(:unless => :using_radius?)
|
|
37
|
+
validates_format_of_login_field_options validates_format_of_login_field_options.merge(:unless => :using_radius?)
|
|
38
|
+
|
|
32
39
|
end
|
|
33
40
|
end
|
|
34
41
|
|
|
@@ -56,6 +56,32 @@ module AuthlogicRadius
|
|
|
56
56
|
end
|
|
57
57
|
alias_method :radius_login_field=, :radius_login_field
|
|
58
58
|
|
|
59
|
+
# Set to indicate whether users should be created here upon successful authentication
|
|
60
|
+
# * <tt>Defaults:</tt> true
|
|
61
|
+
# * <tt>Accepts:</tt> Boolean
|
|
62
|
+
def auto_register(value=nil)
|
|
63
|
+
rw_config(:auto_register,value, true)
|
|
64
|
+
end
|
|
65
|
+
alias_method :auto_register=, :auto_register
|
|
66
|
+
|
|
67
|
+
# The domain part added to the login to generate an email address
|
|
68
|
+
# * <tt>Defaults:</tt> nil
|
|
69
|
+
# * <tt>Accepts:</tt> String
|
|
70
|
+
def auto_register_domain(value=nil)
|
|
71
|
+
rw_config(:auto_register_domain, value)
|
|
72
|
+
end
|
|
73
|
+
alias_method :auto_register_domain=, :auto_register_domain
|
|
74
|
+
|
|
75
|
+
# Defines a method to call when a user is auto registered.
|
|
76
|
+
# This is intended to allow for custom user configuration (i.e. adding roles, etc).
|
|
77
|
+
#
|
|
78
|
+
# * <tt>Default:</tt> :configure_new_radius_user
|
|
79
|
+
# * <tt>Accepts:</tt> Symbol
|
|
80
|
+
def auto_register_method(value=nil)
|
|
81
|
+
rw_config(:auto_register_method, value, :configure_new_radius_user)
|
|
82
|
+
end
|
|
83
|
+
alias_method :auto_register_method=, :auto_register_method
|
|
84
|
+
|
|
59
85
|
# Once RADIUS authentication has succeeded we need to find the user in the database. By default this just calls the
|
|
60
86
|
# find_by_radius_login method provided by ActiveRecord. If you have a more advanced set up and need to find users
|
|
61
87
|
# differently specify your own method and define your logic in there.
|
|
@@ -81,6 +107,7 @@ module AuthlogicRadius
|
|
|
81
107
|
klass.class_eval do
|
|
82
108
|
attr_accessor :radius_login
|
|
83
109
|
attr_accessor :radius_password
|
|
110
|
+
attr_accessor :radius_domain
|
|
84
111
|
validate :validate_by_radius, :if => :authenticating_with_radius?
|
|
85
112
|
end
|
|
86
113
|
end
|
|
@@ -105,7 +132,11 @@ module AuthlogicRadius
|
|
|
105
132
|
values = value.is_a?(Array) ? value : [value]
|
|
106
133
|
hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
|
|
107
134
|
if !hash.nil?
|
|
108
|
-
|
|
135
|
+
if hash.key?(:radius_login)
|
|
136
|
+
(login, domain) = hash[:radius_login].split('@')
|
|
137
|
+
self.radius_domain = domain || auto_register_domain
|
|
138
|
+
self.radius_login = login
|
|
139
|
+
end
|
|
109
140
|
self.radius_password = hash[:radius_password] if hash.key?(:radius_password)
|
|
110
141
|
end
|
|
111
142
|
end
|
|
@@ -114,6 +145,14 @@ module AuthlogicRadius
|
|
|
114
145
|
def authenticating_with_radius?
|
|
115
146
|
return radius_host && radius_shared_secret && radius_login
|
|
116
147
|
end
|
|
148
|
+
|
|
149
|
+
def auto_register?
|
|
150
|
+
self.class.auto_register
|
|
151
|
+
end
|
|
152
|
+
|
|
153
|
+
def auto_register_domain
|
|
154
|
+
self.class.auto_register_domain
|
|
155
|
+
end
|
|
117
156
|
|
|
118
157
|
def validate_by_radius
|
|
119
158
|
errors.add(:radius_login, I18n.t('error_messages.radius_login_blank', :default => "can not be blank")) if radius_login.blank?
|
|
@@ -123,21 +162,43 @@ module AuthlogicRadius
|
|
|
123
162
|
begin
|
|
124
163
|
req = Radiustar::Request.new("#{radius_host}:#{radius_port}")
|
|
125
164
|
rescue => e
|
|
126
|
-
errors.add_to_base("Unable to
|
|
165
|
+
errors.add_to_base(I18n.t('error_messsages.cannot_resolve_radius_server', :default => "Unable to find a network path to RADIUS server at #{radius_host}:#{radius_port}"))
|
|
127
166
|
return
|
|
128
167
|
end
|
|
129
168
|
|
|
130
169
|
begin
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
170
|
+
radius_response = nil
|
|
171
|
+
begin
|
|
172
|
+
Timeout.timeout(radius_timeout) do
|
|
173
|
+
radius_response = req.authenticate(radius_login,radius_password,radius_shared_secret)
|
|
174
|
+
end
|
|
175
|
+
rescue Timeout::Error
|
|
176
|
+
errors.add_to_base(I18n.t('error_messages.radius_server_unavailable', :default => "No response from RADIUS server at #{radius_host}:#{radius_port}"))
|
|
177
|
+
end
|
|
178
|
+
|
|
179
|
+
if radius_response
|
|
180
|
+
#authentication succeeded, find or create the user
|
|
181
|
+
self.attempted_record = search_for_record(find_by_radius_login_method, radius_login)
|
|
182
|
+
|
|
183
|
+
if attempted_record.blank? && auto_register?
|
|
184
|
+
self.attempted_record = klass.new(
|
|
185
|
+
:radius_login => radius_login,
|
|
186
|
+
:email => "#{radius_login}@#{radius_domain}",
|
|
187
|
+
:remember_me => controller.params[:remember_me] == "true"
|
|
188
|
+
)
|
|
189
|
+
auto_register_method.to_proc.call(self.attempted_record)
|
|
190
|
+
if self.attempted_record.save
|
|
191
|
+
Rails.logger.info 'New user created'
|
|
192
|
+
else
|
|
193
|
+
Rails.logger.debug "#{self.attempted_record.errors.full_messages}"
|
|
194
|
+
errors.add_to_base(I18n.t('error_messages.failed_to_create_local_user', :default => "Failed to create a local user record."))
|
|
195
|
+
end
|
|
135
196
|
else
|
|
136
|
-
errors.
|
|
197
|
+
errors.add(:radius_login, I18n.t('error_messages.radius_login_not_found', :default => "does not exist")) if attempted_record.blank?
|
|
137
198
|
end
|
|
199
|
+
else
|
|
200
|
+
errors.add_to_base(I18n.t('error_messages.authentication_failed', :default => "Authentication failed"))
|
|
138
201
|
end
|
|
139
|
-
rescue Timeout::Error
|
|
140
|
-
errors.add_to_base("No response from RADIUS server at #{radius_host}:#{radius_port}")
|
|
141
202
|
rescue => e
|
|
142
203
|
errors.add_to_base(e.to_s)
|
|
143
204
|
end
|
|
@@ -154,7 +215,19 @@ module AuthlogicRadius
|
|
|
154
215
|
def radius_shared_secret
|
|
155
216
|
self.class.radius_shared_secret
|
|
156
217
|
end
|
|
218
|
+
|
|
219
|
+
def auto_register
|
|
220
|
+
self.class.auto_register
|
|
221
|
+
end
|
|
222
|
+
|
|
223
|
+
def auto_register_domain
|
|
224
|
+
self.class.auto_register_domain
|
|
225
|
+
end
|
|
157
226
|
|
|
227
|
+
def auto_register_method
|
|
228
|
+
self.class.auto_register_method
|
|
229
|
+
end
|
|
230
|
+
|
|
158
231
|
def radius_timeout
|
|
159
232
|
self.class.radius_timeout
|
|
160
233
|
end
|
|
@@ -162,6 +235,7 @@ module AuthlogicRadius
|
|
|
162
235
|
def find_by_radius_login_method
|
|
163
236
|
self.class.find_by_radius_login_method
|
|
164
237
|
end
|
|
238
|
+
|
|
165
239
|
end
|
|
166
240
|
end
|
|
167
241
|
end
|
metadata
CHANGED
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authlogic_radius
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
+
hash: 21
|
|
4
5
|
prerelease: false
|
|
5
6
|
segments:
|
|
6
7
|
- 0
|
|
7
8
|
- 0
|
|
8
|
-
-
|
|
9
|
-
version: 0.0.
|
|
9
|
+
- 5
|
|
10
|
+
version: 0.0.5
|
|
10
11
|
platform: ruby
|
|
11
12
|
authors:
|
|
12
13
|
- Brad Langhorst
|
|
@@ -14,16 +15,18 @@ autorequire:
|
|
|
14
15
|
bindir: bin
|
|
15
16
|
cert_chain: []
|
|
16
17
|
|
|
17
|
-
date: 2010-
|
|
18
|
+
date: 2010-10-18 00:00:00 -04:00
|
|
18
19
|
default_executable:
|
|
19
20
|
dependencies:
|
|
20
21
|
- !ruby/object:Gem::Dependency
|
|
21
22
|
name: authlogic
|
|
22
23
|
prerelease: false
|
|
23
24
|
requirement: &id001 !ruby/object:Gem::Requirement
|
|
25
|
+
none: false
|
|
24
26
|
requirements:
|
|
25
27
|
- - ">="
|
|
26
28
|
- !ruby/object:Gem::Version
|
|
29
|
+
hash: 3
|
|
27
30
|
segments:
|
|
28
31
|
- 2
|
|
29
32
|
- 0
|
|
@@ -34,9 +37,11 @@ dependencies:
|
|
|
34
37
|
name: radiustar
|
|
35
38
|
prerelease: false
|
|
36
39
|
requirement: &id002 !ruby/object:Gem::Requirement
|
|
40
|
+
none: false
|
|
37
41
|
requirements:
|
|
38
42
|
- - ">="
|
|
39
43
|
- !ruby/object:Gem::Version
|
|
44
|
+
hash: 25
|
|
40
45
|
segments:
|
|
41
46
|
- 0
|
|
42
47
|
- 0
|
|
@@ -72,23 +77,27 @@ rdoc_options:
|
|
|
72
77
|
require_paths:
|
|
73
78
|
- lib
|
|
74
79
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
80
|
+
none: false
|
|
75
81
|
requirements:
|
|
76
82
|
- - ">="
|
|
77
83
|
- !ruby/object:Gem::Version
|
|
84
|
+
hash: 3
|
|
78
85
|
segments:
|
|
79
86
|
- 0
|
|
80
87
|
version: "0"
|
|
81
88
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
89
|
+
none: false
|
|
82
90
|
requirements:
|
|
83
91
|
- - ">="
|
|
84
92
|
- !ruby/object:Gem::Version
|
|
93
|
+
hash: 3
|
|
85
94
|
segments:
|
|
86
95
|
- 0
|
|
87
96
|
version: "0"
|
|
88
97
|
requirements: []
|
|
89
98
|
|
|
90
99
|
rubyforge_project:
|
|
91
|
-
rubygems_version: 1.3.
|
|
100
|
+
rubygems_version: 1.3.7
|
|
92
101
|
signing_key:
|
|
93
102
|
specification_version: 3
|
|
94
103
|
summary: Extension of the Authlogic library adding RADIUS support.
|