authlogic_radius 0.0.4 → 0.0.5
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +4 -2
- data/lib/authlogic_radius/acts_as_authentic.rb +7 -0
- data/lib/authlogic_radius/session.rb +83 -9
- metadata +13 -4
data/README.rdoc
CHANGED
@@ -4,7 +4,7 @@
|
|
4
4
|
This is a simple gem to allow authentication against a radius server
|
5
5
|
|
6
6
|
Mostly it is a duplication or authlogic_ldap, with a global replace of "ldap" with "radius"...
|
7
|
-
|
7
|
+
with a few RADIUS specific bits.
|
8
8
|
|
9
9
|
|
10
10
|
== Links
|
@@ -12,7 +12,6 @@ and a few RADIUS specific bits.
|
|
12
12
|
* <b>authlogic</b> http://github.com/binarylogic/authlogic
|
13
13
|
* <b>authlogic_ldap</b> http://github.com/binarylogic/authlogic_ldap
|
14
14
|
|
15
|
-
|
16
15
|
== Installation
|
17
16
|
=== 1. Add fields to your database
|
18
17
|
|
@@ -52,6 +51,9 @@ and a few RADIUS specific bits.
|
|
52
51
|
#optionally
|
53
52
|
self.radius_port = 1812
|
54
53
|
self.radius_timeout = 2
|
54
|
+
self.auto_register = true
|
55
|
+
self.auto_register_domain = nil #will create user objects with :email = radius_login@auto_register_domain
|
56
|
+
self.auto_register_method = :method_in_user_model_that_configures_new_radius_user
|
55
57
|
...
|
56
58
|
end
|
57
59
|
|
@@ -29,6 +29,13 @@ module AuthlogicRadius
|
|
29
29
|
if validate_radius_login
|
30
30
|
validates_uniqueness_of :radius_login, :scope => validations_scope, :if => :using_radius?
|
31
31
|
end
|
32
|
+
validates_length_of_password_field_options validates_length_of_password_field_options.merge(:unless => :using_radius?)
|
33
|
+
validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:unless => :using_radius?)
|
34
|
+
validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:unless => :using_radius?)
|
35
|
+
validates_length_of_login_field_options validates_length_of_login_field_options.merge(:unless => :using_radius?)
|
36
|
+
validates_uniqueness_of_login_field_options validates_uniqueness_of_login_field_options.merge(:unless => :using_radius?)
|
37
|
+
validates_format_of_login_field_options validates_format_of_login_field_options.merge(:unless => :using_radius?)
|
38
|
+
|
32
39
|
end
|
33
40
|
end
|
34
41
|
|
@@ -56,6 +56,32 @@ module AuthlogicRadius
|
|
56
56
|
end
|
57
57
|
alias_method :radius_login_field=, :radius_login_field
|
58
58
|
|
59
|
+
# Set to indicate whether users should be created here upon successful authentication
|
60
|
+
# * <tt>Defaults:</tt> true
|
61
|
+
# * <tt>Accepts:</tt> Boolean
|
62
|
+
def auto_register(value=nil)
|
63
|
+
rw_config(:auto_register,value, true)
|
64
|
+
end
|
65
|
+
alias_method :auto_register=, :auto_register
|
66
|
+
|
67
|
+
# The domain part added to the login to generate an email address
|
68
|
+
# * <tt>Defaults:</tt> nil
|
69
|
+
# * <tt>Accepts:</tt> String
|
70
|
+
def auto_register_domain(value=nil)
|
71
|
+
rw_config(:auto_register_domain, value)
|
72
|
+
end
|
73
|
+
alias_method :auto_register_domain=, :auto_register_domain
|
74
|
+
|
75
|
+
# Defines a method to call when a user is auto registered.
|
76
|
+
# This is intended to allow for custom user configuration (i.e. adding roles, etc).
|
77
|
+
#
|
78
|
+
# * <tt>Default:</tt> :configure_new_radius_user
|
79
|
+
# * <tt>Accepts:</tt> Symbol
|
80
|
+
def auto_register_method(value=nil)
|
81
|
+
rw_config(:auto_register_method, value, :configure_new_radius_user)
|
82
|
+
end
|
83
|
+
alias_method :auto_register_method=, :auto_register_method
|
84
|
+
|
59
85
|
# Once RADIUS authentication has succeeded we need to find the user in the database. By default this just calls the
|
60
86
|
# find_by_radius_login method provided by ActiveRecord. If you have a more advanced set up and need to find users
|
61
87
|
# differently specify your own method and define your logic in there.
|
@@ -81,6 +107,7 @@ module AuthlogicRadius
|
|
81
107
|
klass.class_eval do
|
82
108
|
attr_accessor :radius_login
|
83
109
|
attr_accessor :radius_password
|
110
|
+
attr_accessor :radius_domain
|
84
111
|
validate :validate_by_radius, :if => :authenticating_with_radius?
|
85
112
|
end
|
86
113
|
end
|
@@ -105,7 +132,11 @@ module AuthlogicRadius
|
|
105
132
|
values = value.is_a?(Array) ? value : [value]
|
106
133
|
hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
|
107
134
|
if !hash.nil?
|
108
|
-
|
135
|
+
if hash.key?(:radius_login)
|
136
|
+
(login, domain) = hash[:radius_login].split('@')
|
137
|
+
self.radius_domain = domain || auto_register_domain
|
138
|
+
self.radius_login = login
|
139
|
+
end
|
109
140
|
self.radius_password = hash[:radius_password] if hash.key?(:radius_password)
|
110
141
|
end
|
111
142
|
end
|
@@ -114,6 +145,14 @@ module AuthlogicRadius
|
|
114
145
|
def authenticating_with_radius?
|
115
146
|
return radius_host && radius_shared_secret && radius_login
|
116
147
|
end
|
148
|
+
|
149
|
+
def auto_register?
|
150
|
+
self.class.auto_register
|
151
|
+
end
|
152
|
+
|
153
|
+
def auto_register_domain
|
154
|
+
self.class.auto_register_domain
|
155
|
+
end
|
117
156
|
|
118
157
|
def validate_by_radius
|
119
158
|
errors.add(:radius_login, I18n.t('error_messages.radius_login_blank', :default => "can not be blank")) if radius_login.blank?
|
@@ -123,21 +162,43 @@ module AuthlogicRadius
|
|
123
162
|
begin
|
124
163
|
req = Radiustar::Request.new("#{radius_host}:#{radius_port}")
|
125
164
|
rescue => e
|
126
|
-
errors.add_to_base("Unable to
|
165
|
+
errors.add_to_base(I18n.t('error_messsages.cannot_resolve_radius_server', :default => "Unable to find a network path to RADIUS server at #{radius_host}:#{radius_port}"))
|
127
166
|
return
|
128
167
|
end
|
129
168
|
|
130
169
|
begin
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
170
|
+
radius_response = nil
|
171
|
+
begin
|
172
|
+
Timeout.timeout(radius_timeout) do
|
173
|
+
radius_response = req.authenticate(radius_login,radius_password,radius_shared_secret)
|
174
|
+
end
|
175
|
+
rescue Timeout::Error
|
176
|
+
errors.add_to_base(I18n.t('error_messages.radius_server_unavailable', :default => "No response from RADIUS server at #{radius_host}:#{radius_port}"))
|
177
|
+
end
|
178
|
+
|
179
|
+
if radius_response
|
180
|
+
#authentication succeeded, find or create the user
|
181
|
+
self.attempted_record = search_for_record(find_by_radius_login_method, radius_login)
|
182
|
+
|
183
|
+
if attempted_record.blank? && auto_register?
|
184
|
+
self.attempted_record = klass.new(
|
185
|
+
:radius_login => radius_login,
|
186
|
+
:email => "#{radius_login}@#{radius_domain}",
|
187
|
+
:remember_me => controller.params[:remember_me] == "true"
|
188
|
+
)
|
189
|
+
auto_register_method.to_proc.call(self.attempted_record)
|
190
|
+
if self.attempted_record.save
|
191
|
+
Rails.logger.info 'New user created'
|
192
|
+
else
|
193
|
+
Rails.logger.debug "#{self.attempted_record.errors.full_messages}"
|
194
|
+
errors.add_to_base(I18n.t('error_messages.failed_to_create_local_user', :default => "Failed to create a local user record."))
|
195
|
+
end
|
135
196
|
else
|
136
|
-
errors.
|
197
|
+
errors.add(:radius_login, I18n.t('error_messages.radius_login_not_found', :default => "does not exist")) if attempted_record.blank?
|
137
198
|
end
|
199
|
+
else
|
200
|
+
errors.add_to_base(I18n.t('error_messages.authentication_failed', :default => "Authentication failed"))
|
138
201
|
end
|
139
|
-
rescue Timeout::Error
|
140
|
-
errors.add_to_base("No response from RADIUS server at #{radius_host}:#{radius_port}")
|
141
202
|
rescue => e
|
142
203
|
errors.add_to_base(e.to_s)
|
143
204
|
end
|
@@ -154,7 +215,19 @@ module AuthlogicRadius
|
|
154
215
|
def radius_shared_secret
|
155
216
|
self.class.radius_shared_secret
|
156
217
|
end
|
218
|
+
|
219
|
+
def auto_register
|
220
|
+
self.class.auto_register
|
221
|
+
end
|
222
|
+
|
223
|
+
def auto_register_domain
|
224
|
+
self.class.auto_register_domain
|
225
|
+
end
|
157
226
|
|
227
|
+
def auto_register_method
|
228
|
+
self.class.auto_register_method
|
229
|
+
end
|
230
|
+
|
158
231
|
def radius_timeout
|
159
232
|
self.class.radius_timeout
|
160
233
|
end
|
@@ -162,6 +235,7 @@ module AuthlogicRadius
|
|
162
235
|
def find_by_radius_login_method
|
163
236
|
self.class.find_by_radius_login_method
|
164
237
|
end
|
238
|
+
|
165
239
|
end
|
166
240
|
end
|
167
241
|
end
|
metadata
CHANGED
@@ -1,12 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authlogic_radius
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
+
hash: 21
|
4
5
|
prerelease: false
|
5
6
|
segments:
|
6
7
|
- 0
|
7
8
|
- 0
|
8
|
-
-
|
9
|
-
version: 0.0.
|
9
|
+
- 5
|
10
|
+
version: 0.0.5
|
10
11
|
platform: ruby
|
11
12
|
authors:
|
12
13
|
- Brad Langhorst
|
@@ -14,16 +15,18 @@ autorequire:
|
|
14
15
|
bindir: bin
|
15
16
|
cert_chain: []
|
16
17
|
|
17
|
-
date: 2010-
|
18
|
+
date: 2010-10-18 00:00:00 -04:00
|
18
19
|
default_executable:
|
19
20
|
dependencies:
|
20
21
|
- !ruby/object:Gem::Dependency
|
21
22
|
name: authlogic
|
22
23
|
prerelease: false
|
23
24
|
requirement: &id001 !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
24
26
|
requirements:
|
25
27
|
- - ">="
|
26
28
|
- !ruby/object:Gem::Version
|
29
|
+
hash: 3
|
27
30
|
segments:
|
28
31
|
- 2
|
29
32
|
- 0
|
@@ -34,9 +37,11 @@ dependencies:
|
|
34
37
|
name: radiustar
|
35
38
|
prerelease: false
|
36
39
|
requirement: &id002 !ruby/object:Gem::Requirement
|
40
|
+
none: false
|
37
41
|
requirements:
|
38
42
|
- - ">="
|
39
43
|
- !ruby/object:Gem::Version
|
44
|
+
hash: 25
|
40
45
|
segments:
|
41
46
|
- 0
|
42
47
|
- 0
|
@@ -72,23 +77,27 @@ rdoc_options:
|
|
72
77
|
require_paths:
|
73
78
|
- lib
|
74
79
|
required_ruby_version: !ruby/object:Gem::Requirement
|
80
|
+
none: false
|
75
81
|
requirements:
|
76
82
|
- - ">="
|
77
83
|
- !ruby/object:Gem::Version
|
84
|
+
hash: 3
|
78
85
|
segments:
|
79
86
|
- 0
|
80
87
|
version: "0"
|
81
88
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
89
|
+
none: false
|
82
90
|
requirements:
|
83
91
|
- - ">="
|
84
92
|
- !ruby/object:Gem::Version
|
93
|
+
hash: 3
|
85
94
|
segments:
|
86
95
|
- 0
|
87
96
|
version: "0"
|
88
97
|
requirements: []
|
89
98
|
|
90
99
|
rubyforge_project:
|
91
|
-
rubygems_version: 1.3.
|
100
|
+
rubygems_version: 1.3.7
|
92
101
|
signing_key:
|
93
102
|
specification_version: 3
|
94
103
|
summary: Extension of the Authlogic library adding RADIUS support.
|