rack-auth-kerberos 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. data/CHANGES +3 -0
  2. data/README +3 -0
  3. data/lib/rack/auth/kerberos.rb +13 -2
  4. data/rack-auth-kerberos.gemspec +2 -2
  5. data/test/test_rack_auth_kerberos.rb +1 -1
  6. metadata +3 -2
data/CHANGES CHANGED
@@ -1,3 +1,6 @@
1
+ = 0.2.2 - 13-Jan-2010
2
+ * Added some basic logging, accessible through the request.env["AUTH_LOG"] variable.
3
+
1
4
  = 0.2.1 - 28-Dec-2009
2
5
  * Minor internal refactoring and documentation updates.
3
6
 
data/README CHANGED
@@ -26,6 +26,9 @@ and env['AUTH_FAIL'] is set to an error message explaining what went wrong.
26
26
  Note that if env['AUTH_USER'] or env['AUTH_FAIL'] are already set, then the
27
27
  request is forwarded normally.
28
28
 
29
+ Some details are logged in env['AUTH_LOG'], primarily for debugging purposes,
30
+ if needed.
31
+
29
32
  = TODO
30
33
  Handle other types of authentication, e.g. HTTP basic auth with a username
31
34
  and password are submitted, instead of only looking in request params.
data/lib/rack/auth/kerberos.rb CHANGED
@@ -4,7 +4,11 @@ module Rack
4
4
  module Auth
5
5
  class Kerberos
6
6
  # The version of the rack-auth-kerberos library.
7
- VERSION = '0.2.1'
7
+ VERSION = '0.2.2'
8
+
9
+ def log(msg)
10
+ @log << "\n #{msg}"
11
+ end
8
12
 
9
13
  # Creates a new Rack::Kerberos object. The +user_field+ and +password_field+
10
14
  # are the params looked for in the call method. The defaults are 'username'
@@ -28,6 +32,7 @@ module Rack
28
32
  else
29
33
  @realm = @kerberos.get_default_realm
30
34
  end
35
+ @log = "Initializing Rack::Auth::Kerberos"
31
36
  end
32
37
 
33
38
  # The call method we've defined first checks to see if the AUTH_USER
@@ -57,6 +62,7 @@ module Rack
57
62
  user = request.params[@user_field]
58
63
  password = request.params[@password_field]
59
64
 
65
+ log "Kerberos user: #{user}, password length: #{password.nil? ? 'nil' : password.size}"
60
66
  # Only authenticate user if both the username and password fields are present
61
67
  unless user && password
62
68
  return @app.call(env)
@@ -65,7 +71,8 @@ module Rack
65
71
  # Automatically append the realm if not already present
66
72
  user_with_realm = user.dup
67
73
  user_with_realm += "@#{@realm}" unless user.include?('@')
68
-
74
+ log "Kerberos user_with_realm: #{user_with_realm}"
75
+
69
76
  # Do not authenticate if either one of these is set
70
77
  if env['AUTH_USER'] || env['AUTH_FAIL']
71
78
  return @app.call(env)
@@ -80,6 +87,7 @@ module Rack
80
87
  when /integrity check failed/i
81
88
  msg = "Invalid password for '#{user}'"
82
89
  else
90
+ log "Krb5Auth::Krb5::Exception: #{err.message}"
83
91
  msg = "Error attempting to validate userid and password"
84
92
  end
85
93
 
@@ -87,6 +95,7 @@ module Rack
87
95
  env['AUTH_FAIL'] = msg
88
96
  rescue => err
89
97
  env.delete('AUTH_USER')
98
+ log "Kerberos Unexpected Error: #{err.message}"
90
99
  env['AUTH_FAIL'] = "Unexpected failure during Kerberos authentication"
91
100
  else
92
101
  env.delete('AUTH_FAIL')
@@ -100,6 +109,8 @@ module Rack
100
109
  @kerberos.close
101
110
  end
102
111
 
112
+ log "Kerberos sign in results: AUTH_TYPE_USER=#{env['AUTH_TYPE_USER']}, AUTH_FAIL=#{env['AUTH_FAIL']}"
113
+ env['AUTH_LOG'] = @log
103
114
  @app.call(env)
104
115
  end
105
116
  end
data/rack-auth-kerberos.gemspec CHANGED
@@ -2,8 +2,8 @@ require 'rubygems'
2
2
 
3
3
  Gem::Specification.new do |gem|
4
4
  gem.name = 'rack-auth-kerberos'
5
- gem.version = '0.2.1'
6
- gem.authors = ["Daniel Berger", "Charlie O'Keefe"]
5
+ gem.version = '0.2.2'
6
+ gem.authors = ["Daniel Berger", "Charlie O'Keefe", "Marty Haught"]
7
7
  gem.email = 'dberger@globe.gov'
8
8
  gem.homepage = 'http://www.github.com/rack-kerberos'
9
9
  gem.summary = 'A Rack library that authenticates people using Kerberos'
data/test/test_rack_auth_kerberos.rb CHANGED
@@ -13,7 +13,7 @@ class TC_Rack_Auth_Kerberos < Test::Unit::TestCase
13
13
  end
14
14
 
15
15
  def test_version
16
- assert_equal('0.2.1', Rack::Auth::Kerberos::VERSION)
16
+ assert_equal('0.2.2', Rack::Auth::Kerberos::VERSION)
17
17
  end
18
18
 
19
19
  def teardown
metadata CHANGED
@@ -1,16 +1,17 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-auth-kerberos
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
4
+ version: 0.2.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Daniel Berger
8
8
  - Charlie O'Keefe
9
+ - Marty Haught
9
10
  autorequire:
10
11
  bindir: bin
11
12
  cert_chain: []
12
13
 
13
- date: 2009-12-28 00:00:00 -07:00
14
+ date: 2010-01-13 00:00:00 -07:00
14
15
  default_executable:
15
16
  dependencies:
16
17
  - !ruby/object:Gem::Dependency