devise_active_directory_authenticatable 0.3.2 → 0.3.3
Sign up to get free protection for your applications and to get access to all the features.
data/README.md
CHANGED
|
@@ -5,6 +5,8 @@ Devise ActiveDirectory Authenticatable is a AD based authentication strategy for
|
|
|
5
5
|
|
|
6
6
|
If you are building applications for use within your organization which require authentication and you want to use AD, this plugin is for you.
|
|
7
7
|
|
|
8
|
+
Please note, this plugin is currently under heavy development.
|
|
9
|
+
|
|
8
10
|
Requirements
|
|
9
11
|
------------
|
|
10
12
|
|
|
@@ -13,8 +15,9 @@ Requirements
|
|
|
13
15
|
|
|
14
16
|
These gems are dependencies of the gem:
|
|
15
17
|
|
|
16
|
-
- Devise 1.1.
|
|
17
|
-
- active_directory 1.
|
|
18
|
+
- Devise 1.1.5
|
|
19
|
+
- active_directory 1.2.4
|
|
20
|
+
- ancestry 1.2.3 _(For storing the group heirarchy)_
|
|
18
21
|
|
|
19
22
|
Installation
|
|
20
23
|
------------
|
|
@@ -25,12 +28,8 @@ This will *only* work for Rails 3 applications.
|
|
|
25
28
|
|
|
26
29
|
In the Gemfile for your application:
|
|
27
30
|
|
|
28
|
-
gem "devise"
|
|
31
|
+
gem "devise"
|
|
29
32
|
gem "devise_active_directory_authenticatable"
|
|
30
|
-
|
|
31
|
-
To get the latest version, pull directly from github instead of the gem:
|
|
32
|
-
|
|
33
|
-
gem "devise_active_directory_authenticatable", :git => "git://github.com/ajrkerr/devise_active_directory_authenticatable.git"
|
|
34
33
|
|
|
35
34
|
|
|
36
35
|
Setup
|
|
@@ -49,11 +48,21 @@ This will update the devise.rb initializer, and update your user model. There ar
|
|
|
49
48
|
|
|
50
49
|
Options:
|
|
51
50
|
|
|
52
|
-
[--user-model=USER_MODEL] # Model to update
|
|
51
|
+
[--user-model=USER_MODEL] # User Model to update
|
|
53
52
|
# Default: user
|
|
53
|
+
[--group-model=USER_MODEL] # Group Model to update
|
|
54
|
+
# Default: group
|
|
54
55
|
[--add-rescue] # Update Application Controller with resuce_from for DeviseActiveDirectoryAuthenticatable::ActiveDirectoryException
|
|
55
56
|
# Default: true
|
|
56
57
|
|
|
58
|
+
The rest of this documentation needs to be revised. To get going on this, run the installer which will add some configuration options to config/intializers/devise.rb
|
|
59
|
+
|
|
60
|
+
In your user model add:
|
|
61
|
+
devise :ad_user
|
|
62
|
+
|
|
63
|
+
In your group model add:
|
|
64
|
+
devise :ad_group
|
|
65
|
+
|
|
57
66
|
|
|
58
67
|
Usage
|
|
59
68
|
-----
|
|
@@ -73,7 +82,7 @@ In initializer `config/initializers/devise.rb` :
|
|
|
73
82
|
* Active Directory server configuration settings
|
|
74
83
|
|
|
75
84
|
* ad\_attr\_mapping
|
|
76
|
-
* Attribute mapping between active directory and the user model
|
|
85
|
+
* Attribute mapping between active directory and the user model. These attributes will be pulled from the AD
|
|
77
86
|
|
|
78
87
|
* ad\_username _(default: :userPrincipalName)_
|
|
79
88
|
* Username attribute on the AD to login with. Maps with the login_with attribute from devise.
|
|
@@ -85,6 +94,19 @@ In initializer `config/initializers/devise.rb` :
|
|
|
85
94
|
* ad\_logger _(default: true)_
|
|
86
95
|
* If set to true, will log Active Directory queries to the Rails logger.
|
|
87
96
|
|
|
97
|
+
* ad\_update\_users _(default: true)_
|
|
98
|
+
* If true, devise will update the user attributes from the Active Directory when the user logs in
|
|
99
|
+
|
|
100
|
+
* ad\_update\_groups _(default: true)_
|
|
101
|
+
* If true, devise will allow the group models to be update from the Active Directory
|
|
102
|
+
|
|
103
|
+
* ad\_update\_group\_memberships _(default: true)_ _[unimplemented]_
|
|
104
|
+
* If true, devise will allow the memberships for groups and users to be updated. It will also update the memberships when a user logs in.
|
|
105
|
+
|
|
106
|
+
* ad\_update\_user\_memberships _(default: true)_ _[unimplemented]_
|
|
107
|
+
* If true, devise will allow the memberships for groups and users to be updated. It will also update the memberships when a user logs in.
|
|
108
|
+
|
|
109
|
+
|
|
88
110
|
|
|
89
111
|
References
|
|
90
112
|
----------
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.3.
|
|
1
|
+
0.3.3
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{devise_active_directory_authenticatable}
|
|
8
|
-
s.version = "0.3.
|
|
8
|
+
s.version = "0.3.3"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["Adam Kerr"]
|
|
@@ -64,6 +64,22 @@ module Devise
|
|
|
64
64
|
# Log LDAP queries to the Rails logger
|
|
65
65
|
mattr_accessor :ad_logger
|
|
66
66
|
@@ad_logger = true
|
|
67
|
+
|
|
68
|
+
##Update the user object from the AD
|
|
69
|
+
mattr_accessor :ad_update_users
|
|
70
|
+
@@ad_update_users = true
|
|
71
|
+
|
|
72
|
+
##Update the group object from the AD
|
|
73
|
+
mattr_accessor :ad_update_groups
|
|
74
|
+
@@ad_update_groups = true
|
|
75
|
+
|
|
76
|
+
##Update the group memberships from the AD, this uses the ancestory gem
|
|
77
|
+
mattr_accessor :ad_update_group_memberships
|
|
78
|
+
@@ad_update_group_memberships = true
|
|
79
|
+
|
|
80
|
+
##Update the user memberships from the AD
|
|
81
|
+
mattr_accessor :ad_update_user_memberships
|
|
82
|
+
@@ad_update_user_memberships = true
|
|
67
83
|
end
|
|
68
84
|
|
|
69
85
|
# Add ldap_authenticatable strategy to defaults.
|
|
@@ -2,8 +2,9 @@ module DeviseActiveDirectoryAuthenticatable
|
|
|
2
2
|
class InstallGenerator < Rails::Generators::Base
|
|
3
3
|
source_root File.expand_path("../templates", __FILE__)
|
|
4
4
|
|
|
5
|
-
class_option :user_model, :type => :string, :default => "user", :desc => "
|
|
6
|
-
class_option :
|
|
5
|
+
class_option :user_model, :type => :string, :default => "user", :desc => "User model to update"
|
|
6
|
+
class_option :group_model, :type => :string, :default => "group", :desc => "Group model to update"
|
|
7
|
+
class_option :update_model, :type => :boolean, :default => true, :desc => "Update models to change from database_authenticatable to active_directory_authenticatable or insert the code"
|
|
7
8
|
class_option :add_rescue, :type => :boolean, :default => true, :desc => "Update Application Controller with resuce_from for DeviseActiveDirectoryAuthenticatable::ActiveDirectoryException"
|
|
8
9
|
|
|
9
10
|
|
|
@@ -14,6 +15,10 @@ module DeviseActiveDirectoryAuthenticatable
|
|
|
14
15
|
def update_user_model
|
|
15
16
|
gsub_file "app/models/#{options.user_model}.rb", /:database_authenticatable/, ":ad_user" if options.update_model?
|
|
16
17
|
end
|
|
18
|
+
|
|
19
|
+
def update_group_model
|
|
20
|
+
inject_into_class "app/models/#{options.group_model}.rb", options.group_model, "devise :ad_group" if options.update_model?
|
|
21
|
+
end
|
|
17
22
|
|
|
18
23
|
def update_application_controller
|
|
19
24
|
inject_into_class "app/controllers/application_controller.rb", ApplicationController, rescue_from_exception if options.add_rescue?
|
|
@@ -74,6 +79,18 @@ module DeviseActiveDirectoryAuthenticatable
|
|
|
74
79
|
##Log LDAP queries to the Rails logger
|
|
75
80
|
# config.ad_logger = true
|
|
76
81
|
|
|
82
|
+
##Update the user object from the AD
|
|
83
|
+
# config.ad_update_users = true
|
|
84
|
+
|
|
85
|
+
##Update the group object from the AD
|
|
86
|
+
# config.ad_update_groups = true
|
|
87
|
+
|
|
88
|
+
##Update the group memberships from the AD, this uses the ancestory gem to store the hierarchy
|
|
89
|
+
# config.ad_update_group_memberships = true
|
|
90
|
+
|
|
91
|
+
##Update the user memberships from the AD
|
|
92
|
+
# config.ad_update_user_memberships = true
|
|
93
|
+
|
|
77
94
|
eof
|
|
78
95
|
|
|
79
96
|
settings
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_active_directory_authenticatable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 21
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 3
|
|
9
|
-
-
|
|
10
|
-
version: 0.3.
|
|
9
|
+
- 3
|
|
10
|
+
version: 0.3.3
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Adam Kerr
|