rubycas-client 2.0.0 → 2.0.1

data/CHANGELOG.txt CHANGED
@@ -1,5 +1,16 @@
1
1
  = RubyCAS-Client Changelog
2
2
 
3
+ == Version 2.0.1 :: 2008-02-27
4
+
5
+ * The Rails filter no longer by default redirects to the CAS server on
6
+ every request. This restores the behaviour of RubyCAS-Client 1.x.
7
+ In other words, if a session[:cas_user] value exists, the filter
8
+ will assume that the user is authenticated without going through the
9
+ CAS server. This behaviour can be disabled (so that a CAS re-check is
10
+ done on every request) by setting the 'authenticate_on_every_request'
11
+ option to true. See the "Re-authenticating on every request" section
12
+ in the README.txt for details.
13
+
3
14
  == Version 2.0.0 :: 2008-02-14
4
15
 
5
16
  * COMPLETE RE-WRITE OF THE ENTIRE CLIENT FROM THE GROUND UP. Oh yes.
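Review bot: the 2.0.1 entry presents the new default only as restoring 1.x behaviour and does not state its security consequence. With the default, the filter accepts an existing session[:cas_user] without contacting the CAS server, so a logout at the CAS server goes unnoticed by the application. Anyone upgrading from 2.0.0 loses the per-request re-check unless they set 'authenticate_on_every_request'. A sentence saying so here would help, rather than leaving it to the README section the entry points to.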
data/README.txt CHANGED
@@ -93,7 +93,8 @@ Here is a more complicated configuration showing most of the configuration optio
93
93
  :validate_url => "https://cas.example.foo/proxyValidate",
94
94
  :session_username_key => :cas_user,
95
95
  :session_extra_attributes_key => :cas_extra_attributes
96
- :logger => cas_logger
96
+ :logger => cas_logger,
97
+ :authenticate_on_every_request => true
97
98
  )
98
99
 
99
100
  Note that it is normally not necessary to specify <tt>:login_url</tt>, <tt>:logout_url</tt>, and <tt>:validate_url</tt>.
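Review bot: the context line :session_extra_attributes_key => :cas_extra_attributes still has no trailing comma before :logger => cas_logger, so the example configuration does not parse even after this hunk adds the comma after cas_logger. Add the missing comma in the same change. Since the example now sets :authenticate_on_every_request => true, an inline comment that the default is false would stop readers from copying the non-default value unknowingly.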
@@ -108,6 +109,23 @@ info under <tt>session[:cas_extra_attributes]</tt>).
108
109
  An arbitrary Logger instance can be given as the :logger parameter. In the example above we log all CAS activity to a
109
110
  <tt>log/cas.log</tt> file in your Rails app's directory.
110
111
 
112
+ ==== Re-authenticating on every request (i.e. the "single sign-out problem")
113
+
114
+ By default, the Rails filter will only authenticate with the CAS server when no session[:cas_user] value exists. Once the user
115
+ has been authenticated, no further CAS forwarding is done until the user's session is wiped. This saves you
116
+ the trouble of having to do this check yourself (since in most cases it is not advisable to go through the CAS server
117
+ on every request -- this is slow and would potentially lead to problems, for example for AJAX requests). However,
118
+ the disadvantage is that the filter no longer checks to make sure that the user's CAS session is still actually open.
119
+ In other words it is possible for the user's authentication session to be closed on the CAS server without the
120
+ client application knowing about it.
121
+
122
+ In the future RubyCAS-Client will support the new "Single Sign-Out" functionality in CAS 3.1, allowing the server to
123
+ notify the client application that the CAS session is closed, but for now it is up to you to handle this by, for example,
124
+ by wiping the local session[:cas_user] value periodically to force a CAS re-check.
125
+
126
+ Alternatively, it is possible to disable this authentication persistence behaviour by setting the <tt>:authenticate_on_every_request</tt>
127
+ configuration option to true as in the example above.
128
+
111
129
 
112
130
  ==== Defining a 'logout' action
113
131
 
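Review bot: the second added paragraph has a doubled word ("by, for example, by wiping the local session[:cas_user] value"), and the workaround it recommends is left unspecified. Say how often "periodically" is meant to be, or recommend a concrete mechanism such as a bounded local session lifetime. State plainly that until the value is wiped, a logout at the CAS server has no effect in this application. If session[:cas_extra_attributes] is populated, the text should say whether it needs to be cleared along with session[:cas_user].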
data/lib/casclient.rb CHANGED
@@ -70,10 +70,20 @@ require 'casclient/version'
70
70
  # Detect legacy configuration and show appropriate error message
71
71
  module CAS
72
72
  module Filter
73
- def method_missing
74
- $stderr.puts "Your RubyCAS-Client configuration is no longer valid."
75
- $stderr.puts "Please see http://rubycas-client.googlecode.com/svn/trunk/rubycas-client/README.txt for information on the new configuration format."
73
+ class << self
74
+ def method_missing(method, *args)
75
+ $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
76
+ $stderr.puts
77
+ $stderr.puts "WARNING: Your RubyCAS-Client configuration is no longer valid!!"
78
+ $stderr.puts
79
+ $stderr.puts "For information on the new configuration format please see: "
80
+ $stderr.puts
81
+ $stderr.puts " http://rubycas-client.googlecode.com/svn/trunk/rubycas-client/README.txt"
82
+ $stderr.puts
76
83
  $stderr.puts "After upgrading your configuration you should also clear your application's session store."
84
+ $stderr.puts
85
+ $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
86
+ end
77
87
  end
78
88
  end
79
89
  end
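Review bot: the new singleton method_missing(method, *args) only prints the warning and then returns, so a legacy configuration call on CAS::Filter evaluates to nil and the application keeps starting with a configuration that the message itself calls invalid. For an authentication filter it is safer to fail closed: raise after printing the banner. Including the name held in method in the message would also make the offending configuration line easy to find.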
@@ -21,7 +21,7 @@ module CASClient
21
21
  # warn() rather than info() because we really shouldn't be re-validating the same ticket.
22
22
  # The only time when this is acceptable is if the user manually does a refresh and the ticket
23
23
  # happens to be in the URL.
24
- log.warn("Reusing previously validated ticket since the new ticket and service are the same.")
24
+ log.warn("Re-using previously validated ticket since the new ticket and service are the same.")
25
25
  st = lst
26
26
  end
27
27
 
@@ -62,6 +62,12 @@ module CASClient
62
62
  redirect_to_cas_for_authentication(controller)
63
63
  return false
64
64
  end
65
+ elsif !config[:authenticate_on_every_request] && controller.session[client.username_session_key]
66
+ # Don't re-authenticate with the CAS server if we already previously authenticated and the
67
+ # :authenticate_on_every_request option is disabled (it's disabled by default).
68
+ log.debug "Existing local CAS session detected for #{controller.session[client.username_session_key].inspect}. "+
69
+ "User will not be re-authenticated."
70
+ return true
65
71
  else
66
72
  if returning_from_gateway?(controller)
67
73
  log.info "Returning from CAS gateway without authentication."
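Review bot: the new elsif branch returns true on nothing more than the presence of controller.session[client.username_session_key], with no bound on how old that value is. A user whose CAS session has been closed therefore stays authenticated here for as long as the local session lives. Consider storing the time of the last successful validation in the session next to the username and falling through to the CAS check once a configurable maximum age has passed. That gives a middle ground between never re-checking and :authenticate_on_every_request. The log.debug call also writes the username on every request that takes this branch, which is worth noting for anyone who ships debug logs off the host.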
@@ -2,7 +2,7 @@ module CASClient #:nodoc:
2
2
  module VERSION #:nodoc:
3
3
  MAJOR = 2
4
4
  MINOR = 0
5
- TINY = 0
5
+ TINY = 1
6
6
 
7
7
  STRING = [MAJOR, MINOR, TINY].join('.')
8
8
  end
@@ -1 +1,5 @@
1
- require 'lib/casclient'
1
+ begin
2
+ require 'casclient'
3
+ rescue MissingSourceFile
4
+ require 'lib/casclient'
5
+ end
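Review bot: rescue MissingSourceFile names a class that ActiveSupport defines, not core Ruby. When this file is loaded without Rails and require 'casclient' fails, the rescue clause itself raises NameError instead of falling back. Rescuing LoadError covers both cases. The fallback require 'lib/casclient' is also resolved against the load path rather than against this file's location. Building the path from File.dirname(__FILE__) would make sure the copy shipped beside this file is the one that gets loaded.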
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rubycas-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Matt Zukowski
@@ -10,7 +10,7 @@ autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
12
 
13
- date: 2008-02-19 00:00:00 -05:00
13
+ date: 2008-02-27 00:00:00 -05:00
14
14
  default_executable:
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency