rubycas-client 2.0.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/CHANGELOG.txt CHANGED
@@ -1,5 +1,16 @@
1
1
  = RubyCAS-Client Changelog
2
2
 
3
+ == Version 2.0.1 :: 2008-02-27
4
+
5
+ * The Rails filter no longer by default redirects to the CAS server on
6
+ every request. This restores the behaviour of RubyCAS-Client 1.x.
7
+ In other words, if a session[:cas_user] value exists, the filter
8
+ will assume that the user is authenticated without going through the
9
+ CAS server. This behaviour can be disabled (so that a CAS re-check is
10
+ done on every request) by setting the 'authenticate_on_every_request'
11
+ option to true. See the "Re-authenticating on every request" section
12
+ in the README.txt for details.
13
+
3
14
  == Version 2.0.0 :: 2008-02-14
4
15
 
5
16
  * COMPLETE RE-WRITE OF THE ENTIRE CLIENT FROM THE GROUND UP. Oh yes.
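Review bot: the 2.0.1 entry describes the new default only as "the filter will assume that the user is authenticated" and leaves out the consequence spelled out in the README change, namely that a CAS session closed on the server is no longer noticed by the client. Since this changes the default authentication behaviour in a point release, state that trade-off here in one sentence so that people who read only the changelog see it before upgrading.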
data/README.txt CHANGED
@@ -93,7 +93,8 @@ Here is a more complicated configuration showing most of the configuration optio
93
93
  :validate_url => "https://cas.example.foo/proxyValidate",
94
94
  :session_username_key => :cas_user,
95
95
  :session_extra_attributes_key => :cas_extra_attributes
96
- :logger => cas_logger
96
+ :logger => cas_logger,
97
+ :authenticate_on_every_request => true
97
98
  )
98
99
 
99
100
  Note that it is normally not necessary to specify <tt>:login_url</tt>, <tt>:logout_url</tt>, and <tt>:validate_url</tt>.
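Review bot: the comma added after ":logger => cas_logger" fixes only one of the two separators this example needs; the unchanged line above it, ":session_extra_attributes_key => :cas_extra_attributes", still ends without a comma, so the configuration as shown does not parse when copied. Add the comma there too. Because the example now sets :authenticate_on_every_request => true, which is the opposite of the default, a short inline comment saying so would stop readers from assuming it is the out-of-the-box behaviour.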
@@ -108,6 +109,23 @@ info under <tt>session[:cas_extra_attributes]</tt>).
108
109
  An arbitrary Logger instance can be given as the :logger parameter. In the example above we log all CAS activity to a
109
110
  <tt>log/cas.log</tt> file in your Rails app's directory.
110
111
 
112
+ ==== Re-authenticating on every request (i.e. the "single sign-out problem")
113
+
114
+ By default, the Rails filter will only authenticate with the CAS server when no session[:cas_user] value exists. Once the user
115
+ has been authenticated, no further CAS forwarding is done until the user's session is wiped. This saves you
116
+ the trouble of having to do this check yourself (since in most cases it is not advisable to go through the CAS server
117
+ on every request -- this is slow and would potentially lead to problems, for example for AJAX requests). However,
118
+ the disadvantage is that the filter no longer checks to make sure that the user's CAS session is still actually open.
119
+ In other words it is possible for the user's authentication session to be closed on the CAS server without the
120
+ client application knowing about it.
121
+
122
+ In the future RubyCAS-Client will support the new "Single Sign-Out" functionality in CAS 3.1, allowing the server to
123
+ notify the client application that the CAS session is closed, but for now it is up to you to handle this by, for example,
124
+ by wiping the local session[:cas_user] value periodically to force a CAS re-check.
125
+
126
+ Alternatively, it is possible to disable this authentication persistence behaviour by setting the <tt>:authenticate_on_every_request</tt>
127
+ configuration option to true as in the example above.
128
+
111
129
 
112
130
  ==== Defining a 'logout' action
113
131
 
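Review bot: the advice at new README lines 122-124 to handle a closed CAS session "by wiping the local session[:cas_user] value periodically" gives no interval and no mechanism, so the window during which a user who logged out at the CAS server stays logged in to the application is left undefined. Either show how to expire the value (for example, a stored timestamp checked in a filter) or at least say that the window equals the local session lifetime. The same sentence also has a doubled "by" ("by, for example, by wiping").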
data/lib/casclient.rb CHANGED
@@ -70,10 +70,20 @@ require 'casclient/version'
70
70
  # Detect legacy configuration and show appropriate error message
71
71
  module CAS
72
72
  module Filter
73
- def method_missing
74
- $stderr.puts "Your RubyCAS-Client configuration is no longer valid."
75
- $stderr.puts "Please see http://rubycas-client.googlecode.com/svn/trunk/rubycas-client/README.txt for information on the new configuration format."
73
+ class << self
74
+ def method_missing(method, *args)
75
+ $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
76
+ $stderr.puts
77
+ $stderr.puts "WARNING: Your RubyCAS-Client configuration is no longer valid!!"
78
+ $stderr.puts
79
+ $stderr.puts "For information on the new configuration format please see: "
80
+ $stderr.puts
81
+ $stderr.puts " http://rubycas-client.googlecode.com/svn/trunk/rubycas-client/README.txt"
82
+ $stderr.puts
76
83
  $stderr.puts "After upgrading your configuration you should also clear your application's session store."
84
+ $stderr.puts
85
+ $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
86
+ end
77
87
  end
78
88
  end
79
89
  end
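Review bot: method_missing(method, *args) on the CAS::Filter singleton swallows every undefined call and returns the nil from the final $stderr.puts, so an application still wired to the legacy CAS::Filter keeps running after the banner instead of stopping. This module exists only to flag an invalid configuration, so raise after printing the message; that way a stale configuration cannot leave the application started without a working CAS filter. The method argument is accepted but never used: include it in the warning so the operator can see which legacy call triggered it.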
@@ -21,7 +21,7 @@ module CASClient
21
21
  # warn() rather than info() because we really shouldn't be re-validating the same ticket.
22
22
  # The only time when this is acceptable is if the user manually does a refresh and the ticket
23
23
  # happens to be in the URL.
24
- log.warn("Reusing previously validated ticket since the new ticket and service are the same.")
24
+ log.warn("Re-using previously validated ticket since the new ticket and service are the same.")
25
25
  st = lst
26
26
  end
27
27
 
@@ -62,6 +62,12 @@ module CASClient
62
62
  redirect_to_cas_for_authentication(controller)
63
63
  return false
64
64
  end
65
+ elsif !config[:authenticate_on_every_request] && controller.session[client.username_session_key]
66
+ # Don't re-authenticate with the CAS server if we already previously authenticated and the
67
+ # :authenticate_on_every_request option is disabled (it's disabled by default).
68
+ log.debug "Existing local CAS session detected for #{controller.session[client.username_session_key].inspect}. "+
69
+ "User will not be re-authenticated."
70
+ return true
65
71
  else
66
72
  if returning_from_gateway?(controller)
67
73
  log.info "Returning from CAS gateway without authentication."
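Review bot: the new elsif branch returns true on nothing more than a truthy controller.session[client.username_session_key], with no age limit and no link to when the ticket was last validated, so with the default setting an authenticated state lasts as long as the local session store keeps it, whatever happens on the CAS server. Consider recording the time of the last successful validation in the session and falling through to the CAS re-check once a configurable maximum age has passed, which gives a middle ground between "never" and :authenticate_on_every_request. The log.debug call also writes the username on every request; that is fine at debug level but worth a mention in the README for deployments that run with debug logging on.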
@@ -2,7 +2,7 @@ module CASClient #:nodoc:
2
2
  module VERSION #:nodoc:
3
3
  MAJOR = 2
4
4
  MINOR = 0
5
- TINY = 0
5
+ TINY = 1
6
6
 
7
7
  STRING = [MAJOR, MINOR, TINY].join('.')
8
8
  end
@@ -1 +1,5 @@
1
- require 'lib/casclient'
1
+ begin
2
+ require 'casclient'
3
+ rescue MissingSourceFile
4
+ require 'lib/casclient'
5
+ end
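Review bot: trying require 'casclient' first means whatever copy is found on the load path, such as an installed gem of a different version, takes precedence over the bundled lib/casclient, and nothing records which one was loaded. Log or check CASClient::VERSION::STRING after the require so a mismatch is visible. The rescue also names MissingSourceFile, which is defined by ActiveSupport rather than by Ruby itself; if this file is ever loaded outside Rails, a failed require would surface as a NameError on that constant, so rescuing LoadError is the safer choice.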
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rubycas-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Matt Zukowski
@@ -10,7 +10,7 @@ autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
12
 
13
- date: 2008-02-19 00:00:00 -05:00
13
+ date: 2008-02-27 00:00:00 -05:00
14
14
  default_executable:
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency