RubyGems - rubycas-client - Versions diffs - 0.10.0 → 0.10.1 - Mend

rubycas-client 0.10.0 → 0.10.1

Files changed (5) hide show

data/README CHANGED Viewed

@@ -1,9 +1,9 @@
 = RubyCAS-Client
-Author::    Ola Bini <ola.bini AT ki DOT se>, Matt Zukowski <matt AT roughest DOT net>
+Author::    Ola Bini <ola.bini AT ki DOT se>, Matt Zukowski <matt AT roughest DOT net>, Matt Walker <mwalker AT tamu DOT edu>
 Copyright:: (c) 2006 Karolinska Institutet, portions (c) 2006 Urbacon Ltd.
 License::   GNU Lesser General Public License v2.1 (LGPL 2.1)
-Website::   http://rubyforge.org/projects/rubycas-client
+Website::   http://rubyforge.org/projects/rubycas-client and http://code.google.com/p/rubycas-client
 === RubyCAS-Client is a Ruby client library for Yale's Central Authentication Service (CAS) protocol.
@@ -21,10 +21,10 @@ This CAS client library is designed to work easily with Rails, but can of course
 == Installing
-You can always download the latest version of RubyCAS-Client from the project's rubyforge page at http://rubyforge.org/projects/rubycas-client,
-however probably the easiest way to install CAS support into your Rails app is via the plugins facility:
+You can always download the latest version of RubyCAS-Client from the project's rubyforge page at http://rubyforge.org/projects/rubycas-client.
+However probably the easiest way to install CAS support into your Rails app is via the plugins facility:
-  ./script/plugin install http://rubycas-client.rubyforge.org/plugin/current
+  ./script/plugin install http://rubycas-client.rubyforge.org/plugin/rubycas-client
 Alternatively, the library is also available as a gem, which can be installed by:
@@ -32,34 +32,32 @@ Alternatively, the library is also available as a gem, which can be installed by
 The latest development version is availabe via subversion:
-  svn checkout svn://rubyforge.org/var/svn/rubycas-client/trunk/ruby
+  ./script/plugin install -x http://rubycas-client.googlecode.com/svn/trunk/rubycas-client
-Or you can install the latest development version into your Rails app as a plugin:
-  ./script/plugin install -x svn://rubyforge.org/var/svn/rubycas-client/trunk/ruby
-Please contact the developers via the {rubyforge.org page}[svn checkout svn://rubyforge.org/var/svn/rubycas-client] if you have bug fixes
+Please contact the developers via the {rubyforge.org page}[http://rubyforge.org/projects/rubycas-client] if you have bug fixes
 or enhancements you would like to contribute back.
 == Examples
 ==== Here is an example of how to use the library in your Rails application:
-Somewhere in your +config/environment.rb+ file add this (assuming that you have RubyCAS-Client installed as a plugin, otherwise
-you'll need to +require 'cas_auth'+ and +require 'cas_proxy_callback_controller'+):
+Somewhere in your <tt>config/environment.rb</tt> file add this (assuming that you have RubyCAS-Client installed as a plugin, otherwise
+you'll need to <tt>require 'cas_auth'</tt> and <tt>require 'cas_proxy_callback_controller'</tt>):
   CAS::Filter.cas_base_url = "https://login.example.com/cas"
-Then, in your +app/controllers/application.rb+ (or in whatever controller you want to add the CAS filter for):
+Then, in your <tt>app/controllers/application.rb</tt> (or in whatever controller you want to add the CAS filter for):
   before_filter CAS::Filter
-That's it. You should now find that you are redirected to your CAS login page when you try to access any action
-in your protected controller. You can of course qualify the +before_filter+ as you would with any other ActionController
-filter. For example: +before_filter CAS::Filter, :except => [ :unprotected_action, :another_unprotected_action ]
+That's it. You should now find that you are redirected to your CAS login page whenever you try to access any action
+in your protected controller. You can of course qualify the <tt>before_filter</tt> as you would with any other ActionController
+filter. For example:
+  before_filter CAS::Filter, :except => [ :unprotected_action, :another_unprotected_action ]
-<b>Once the user has been authenticated, their authenticated username is available under +request.username+
-(and also under +session[:casfilteruser]+).</b> If you want to do something with this username (for example load a
+<b>Once the user has been authenticated, their authenticated username is available under <tt>request.username</tt></b>
+(and also under <tt>session[:casfilteruser]</tt>). If you want to do something with this username (for example load a
 user record from the database), you can append another filter method that checks for this value and does whatever you need
 it to do.
@@ -94,18 +92,36 @@ when your application requests to act as a CAS proxy, the CAS server must contac
 Confused? Don't worry, you don't really have to understand this to use it. To enable your Rails app to act as a CAS proxy,
 all you need to do is this:
-In your +config/environment.rb+:
+In your <tt>config/environment.rb</tt>:
   CAS::Filter.cas_base_url = "https://login.example.com/cas"
   CAS::Filter.proxy_callback_url = "https://yourrailsapp.com/cas_proxy_callback/receive_pgt"
   CAS::Filter.proxy_retrieval_url = "https://yourrailsapp.com/cas_proxy_callback/retrieve_pgt"
-In +config/routes.rb+ make sure that you have a route that will allow requests to /cas_proxy_callback/:action to be routed to the
+In <tt>config/routes.rb</tt> make sure that you have a route that will allow requests to /cas_proxy_callback/:action to be routed to the
 CasProxyCallbackController. This should work as-is with the standard Rails routes setup, but if you have disabled the default
 route, you should add the following:
   map.cas_proxy_callback 'cas_proxy_callback/:action', :controller => 'cas_proxy_callback'
+Now here's a big giant caveat: <b>your CAS callback application and your CAS proxy application must run on separate Rails servers</b>.
+In other words, if you want a Rails app to act as a CAS ticket-granting proxy, the cas_proxy_callback controller
+must run on a different server. This is because Rails does not properly support handling of concurrent requests. The CAS proxy mechanism
+acts in such a way that if your proxy application and your callback controller were on the same server
+you would end up with a deadlock (the CAS server would be waiting for its callback to be accepted by your Rails server,
+but your Rails server wouldn't respond to the CAS server's callback until the CAS server responded back first).
+The simplest workaround is this:
+1. Create an empty rails app (i.e. something like <tt>rails cas_proxy_callback</tt>)
+2. Make sure that you have the CAS plugin installed. If you installed it as a gem, you don't have to do anything since
+   it is already installed. If you want to install as a plugin, see the instructions in the "Installing" section above.
+3. Make sure that the server is up and running, and configure your proxy_callback_url and proxy_retrieval_url to point
+   to the new server as described above (or rather, make Pound point to the new server, if that's how you're handling https).
+That's it. The proxy_callback_controller doesn't require any additional configuration. It doesn't access the database
+or anything of that sort.
 Once your user logs in to CAS via your application, you can do the following to obtain a service ticket that can then be used
 to authenticate another application:
@@ -113,7 +129,7 @@ to authenticate another application:
   proxy_granting_ticket = session[:casfilterpgt]
   ticket = CAS::Filter.request_proxy_ticket(service_uri, proxy_granting_ticket)
-+ticket+ should now contain a valid service ticket. You can use it to authenticate your other by sending it and the service URI
+<tt>ticket</tt> should now contain a valid service ticket. You can use it to authenticate your other by sending it and the service URI
 as query parameters to your target application:
   http://some.other.application?service=#{ticket.target_service}&ticket=#{ticket.proxy_ticket}
@@ -145,6 +161,17 @@ to your Rails application. Also, note that <i>self-signed SSL certificates likel
 a real certificate purchased from a trusted CA authority (there are ways around this, but good luck :)
+== SSL Support
+If you are getting an error on net/https -- something like this:
+  no such file to load -- net/https
+Then make sure the library for open SSL is installed. For example, on an Debian/Ubuntu system issue the following:
+  sudo apt-get install libopenssl-ruby
 == License
 This program is free software; you can redistribute it and/or modify

data/init.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 require 'cas_auth'
+require 'cas_proxy_callback_controller'
 #CAS::Filter.logger = RAILS_DEFAULT_LOGGER if !RAILS_DEFAULT_LOGGER.nil?
 #CAS::Filter.logger = config.logger if !config.logger.nil?

data/install.rb CHANGED Viewed

@@ -1 +1,5 @@
 # Install hook code here
+#parent_dir = File.dirname(File.expand_path(__FILE__))
+#grandparent_dir = File.dirname(parent_dir)
+#
+#File.rename(parent_dir, grandparent_dir+"/rubycas-client")

data/lib/cas_auth.rb CHANGED Viewed

@@ -1,23 +1,6 @@
-# RubyCAS-Client is a client and Rails filter for the CAS protocol.
-# Copyright (c) 2006 Karolinska Institutet
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software Foundation,
-# Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 require 'uri'
 require 'logger'
 require File.dirname(File.expand_path(__FILE__))+'/cas'
 module CAS

metadata CHANGED Viewed

@@ -3,8 +3,8 @@ rubygems_version: 0.8.11
 specification_version: 1
 name: rubycas-client
 version: !ruby/object:Gem::Version
-  version: 0.10.0
-date: 2006-09-07 00:00:00 -04:00
+  version: 0.10.1
+date: 2006-10-11 00:00:00 -04:00
 summary: Client library for the CAS single-sign-on protocol.
 require_paths:
 - lib
@@ -27,6 +27,7 @@ signing_key:
 cert_chain:
 authors:
 - Matt Zukowski
+- Ola Bini
 - Matt Walker
 files:
 - install.rb