rubycas-server 0.5.1 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/lib/casserver.rb CHANGED
@@ -1,77 +1,105 @@
1
- #!/usr/bin/env ruby
1
+ $: << File.dirname(File.expand_path(__FILE__))
2
+ require 'casserver/environment'
2
3
 
3
- # change to current directory when invoked on its own
4
- Dir.chdir(File.dirname(File.expand_path(__FILE__))) if __FILE__ == $0
5
-
6
- # add current directory to load path
7
- $CASSERVER_HOME = File.dirname(File.expand_path(__FILE__))
8
- $: << $CASSERVER_HOME
9
-
10
- require 'rubygems'
11
-
12
- # make things backwards-compatible for rubygems < 0.9.0
13
- unless Object.method_defined? :gem
14
- alias gem require_gem
15
- end
4
+ $APP_PATH ||= File.dirname(File.expand_path(__FILE__))
16
5
 
6
+ # change to current directory when invoked on its own
7
+ Dir.chdir($APP_PATH) if __FILE__ == $0
17
8
 
18
- #gem 'camping', '~> 1.5.180'
19
- $: << $CASSERVER_HOME + "/../vendor/camping-1.5.180/lib"
20
- require 'camping'
21
-
22
- $: << $CASSERVER_HOME + "/../vendor/isaac_0.9.1"
9
+ $: << $APP_PATH + "/../vendor/isaac_0.9.1"
23
10
  require 'crypt/ISAAC'
24
11
 
25
12
  require 'active_support'
26
13
  require 'yaml'
27
14
 
28
- # enable xhtml source code indentation for debugging views
29
- #Markaby::Builder.set(:indent, 2)
30
-
31
15
 
32
16
  # Camping.goes must be called after the authenticator class is loaded, otherwise weird things happen
33
17
  Camping.goes :CASServer
34
18
 
35
- module CASServer
36
- def init_logger
37
- $LOG = CASServer::Utils::Logger.new(CASServer::Conf.log[:file])
38
- $LOG.level = "CASServer::Utils::Logger::#{CASServer::Conf.log[:level]}".constantize
39
- end
40
- module_function :init_logger
41
-
42
- def init_db_logger
43
- begin
44
- if CASServer::Conf.db_log
45
- log_file = CASServer::Conf.db_log[:file] || 'casserver_db.log'
46
- CASServer::Models::Base.logger = Logger.new(log_file)
47
- CASServer::Models::Base.logger.level = "CASServer::Utils::Logger::#{CASServer::Conf.db_log[:level] || 'DEBUG'}".constantize
48
- end
49
- rescue Errno::EACCES => e
50
- $LOG.warn "Can't write to database log file at '#{log_file}': #{e}"
51
- end
52
- end
53
- module_function :init_db_logger
19
+ $CONFIG_FILE ||= '/etc/rubycas-server/config.yml'
54
20
 
21
+ # for some reason this makes JRuby happy
22
+ class CASServer::Models::Base
23
+ end
24
+
25
+ CASServer.picnic!
26
+
27
+ $CONF[:expire_sessions] ||= false
28
+ $CONF[:login_ticket_expiry] ||= 5.minutes
29
+ $CONF[:service_ticket_expiry] ||= 5.minutes # CAS Protocol Spec, sec. 3.2.1 (recommended expiry time)
30
+ $CONF[:proxy_granting_ticket_expiry] ||= 48.hours
31
+ $CONF[:ticket_granting_ticket_expiry] ||= 48.hours
32
+ $CONF[:log] ||= {:file => 'casserver.log', :level => 'DEBUG'}
33
+ $CONF[:uri_path] ||= "/"
34
+
35
+ unless $CONF[:authenticator]
36
+ $stderr.puts
37
+ $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
38
+ $stderr.puts
39
+ $stderr.puts "You have not yet defined an authenticator for your CAS server!"
40
+ $stderr.puts "Please consult your config file at #{$CONFIG_FILE.inspect} for details."
41
+ $stderr.puts
42
+ $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
43
+ exit 1
55
44
  end
56
45
 
57
46
  require 'casserver/utils'
58
47
  require 'casserver/models'
59
48
  require 'casserver/cas'
60
- require 'casserver/conf'
61
49
  require 'casserver/views'
62
50
  require 'casserver/controllers'
63
51
 
64
- CASServer.init_logger
52
+ if $CONF[:authenticator].instance_of? Array
53
+ $CONF[:authenticator].each_index do |auth_index|
54
+ $CONF[:authenticator][auth_index] = HashWithIndifferentAccess.new($CONF[:authenticator][auth_index])
55
+ end
56
+ end
57
+
58
+ $AUTH = []
59
+ begin
60
+ # attempt to instantiate the authenticator
61
+ if $CONF[:authenticator].instance_of? Array
62
+ $CONF[:authenticator].each { |authenticator| $AUTH << authenticator[:class].constantize.new}
63
+ else
64
+ $AUTH << $CONF[:authenticator][:class].constantize.new
65
+ end
66
+ rescue NameError
67
+ if $CONF[:authenticator].instance_of? Array
68
+ $CONF[:authenticator].each do |authenticator|
69
+ if !authenticator[:source].nil?
70
+ # config.yml explicitly names source file
71
+ require authenticator[:source]
72
+ else
73
+ # the authenticator class hasn't yet been loaded, so lets try to load it from the casserver/authenticators directory
74
+ auth_rb = authenticator[:class].underscore.gsub('cas_server/', '')
75
+ require 'casserver/'+auth_rb
76
+ end
77
+ $AUTH << authenticator[:class].constantize.new
78
+ end
79
+ else
80
+ if !$CONF[:authenticator][:source].nil?
81
+ # config.yml explicitly names source file
82
+ require $CONF[:authenticator][:source]
83
+ else
84
+ # the authenticator class hasn't yet been loaded, so lets try to load it from the casserver/authenticators directory
85
+ auth_rb = $CONF[:authenticator][:class].underscore.gsub('cas_server/', '')
86
+ require 'casserver/'+auth_rb
87
+ end
88
+
89
+ $AUTH << $CONF[:authenticator][:class].constantize.new
90
+ end
91
+ end
92
+
93
+ $CONF[:public_dir] = {
94
+ :path => "/themes",
95
+ :dir => File.expand_path(File.dirname(__FILE__))+"/themes"
96
+ }
65
97
 
66
- # do initialization stuff
67
98
  def CASServer.create
99
+ $LOG.info "Creating RubyCAS-Server..."
100
+ CASServer::Models::Base.establish_connection(CASServer::Conf.database)
68
101
  CASServer::Models.create_schema
69
102
 
70
- $LOG.info("RubyCAS-Server #{CASServer::VERSION::STRING} initialized.")
71
-
72
- $LOG.debug("Configuration is:\n#{$CONF.to_yaml}")
73
- $LOG.debug("Authenticator is: #{$AUTH}")
74
-
75
103
  CASServer::Models::ServiceTicket.cleanup_expired(CASServer::Conf.service_ticket_expiry)
76
104
  CASServer::Models::LoginTicket.cleanup_expired(CASServer::Conf.login_ticket_expiry)
77
105
  CASServer::Models::ProxyGrantingTicket.cleanup_expired(CASServer::Conf.proxy_granting_ticket_expiry)
@@ -79,34 +107,4 @@ def CASServer.create
79
107
  end
80
108
 
81
109
 
82
- # this gets run if we launch directly (i.e. `ruby casserver.rb` rather than `camping casserver`)
83
- if __FILE__ == $0 || $RUN
84
- CASServer::Models::Base.establish_connection(CASServer::Conf.database)
85
- CASServer.init_db_logger unless CASServer::Conf.server.to_s == 'mongrel'
86
-
87
- require 'casserver/postambles'
88
- include CASServer::Postambles
89
-
90
- if $PID_FILE && (CASServer::Conf.server.to_s != 'mongrel' || CASServer::Conf.server.to_s != 'webrick')
91
- $LOG.warn("Unable to create a pid file. You must use mongrel or webrick for this feature.")
92
- end
93
-
94
- require 'casserver/version'
95
- puts
96
- puts "*** Starting RubyCAS-Server #{CASServer::VERSION::STRING} using codebase at #{$CASSERVER_HOME}"
97
-
98
-
99
- begin
100
- raise NoMethodError if CASServer::Conf.server.nil?
101
- send(CASServer::Conf.server)
102
- rescue NoMethodError
103
- # FIXME: this rescue can sometime report the incorrect error messages due to other underlying problems
104
- # raising a NoMethodError
105
- if CASServer::Conf.server
106
- raise "The server setting '#{CASServer::Conf.server}' in your config.yml file is invalid."
107
- else
108
- raise "You must have a 'server' setting in your config.yml file. Please see the RubyCAS-Server documentation."
109
- end
110
- end
111
-
112
- end
110
+ CASServer.start_picnic
@@ -1,5 +1,8 @@
1
1
  require 'casserver/authenticators/ldap'
2
2
 
3
+ # Slightly modified version of the LDAP authenticator for Microsoft's ActiveDirectory.
4
+ # The only difference is that the default_username_attribute for AD is 'sAMAccountName'
5
+ # rather than 'uid'.
3
6
  class CASServer::Authenticators::ActiveDirectoryLDAP < CASServer::Authenticators::LDAP
4
7
  protected
5
8
  def default_username_attribute
@@ -4,10 +4,23 @@ begin
4
4
  require 'net/ldap'
5
5
  rescue LoadError
6
6
  require 'rubygems'
7
- gem 'ruby-net-ldap', '~> 0.0.4'
7
+ begin
8
+ gem 'ruby-net-ldap', '~> 0.0.4'
9
+ rescue Gem::LoadError
10
+ $stderr.puts
11
+ $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
12
+ $stderr.puts
13
+ $stderr.puts "To use the LDAP/AD authenticator, you must first install the 'ruby-net-ldap' gem."
14
+ $stderr.puts
15
+ $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
16
+ exit 1
17
+ end
8
18
  require 'net/ldap'
9
19
  end
10
20
 
21
+ # Basic LDAP authenticator. Should be compatible with OpenLDAP and other similar LDAP servers,
22
+ # although it hasn't been officially tested. See example config file for details on how
23
+ # to configure it.
11
24
  class CASServer::Authenticators::LDAP < CASServer::Authenticators::Base
12
25
  def validate(credentials)
13
26
  read_standard_credentials(credentials)
@@ -0,0 +1,75 @@
1
+ require 'casserver/authenticators/base'
2
+
3
+ require 'digest/sha1'
4
+ require 'digest/sha2'
5
+
6
+ $: << File.dirname(File.expand_path(__FILE__)) + "/../../../vendor/isaac_0.9.1"
7
+ require 'crypt/ISAAC'
8
+
9
+ begin
10
+ require 'active_record'
11
+ rescue LoadError
12
+ require 'rubygems'
13
+ require 'active_record'
14
+ end
15
+
16
+ # This is a more secure version of the SQL authenticator. Passwords are encrypted
17
+ # rather than being stored in plain text.
18
+ #
19
+ # Based on code contributed by Ben Mabey.
20
+ #
21
+ # Using this authenticator requires some configuration on the client side. Please see
22
+ # http://code.google.com/p/rubycas-server/wiki/UsingTheSQLEncryptedAuthenticator
23
+ class CASServer::Authenticators::SQLEncrypted < CASServer::Authenticators::Base
24
+
25
+ def validate(credentials)
26
+ read_standard_credentials(credentials)
27
+
28
+ raise CASServer::AuthenticatorError, "Cannot validate credentials because the authenticator hasn't yet been configured" unless @options
29
+ raise CASServer::AuthenticatorError, "Invalid authenticator configuration!" unless @options[:database]
30
+
31
+ CASUser.establish_connection @options[:database]
32
+ CASUser.set_table_name @options[:user_table] || "users"
33
+
34
+ username_column = @options[:username_column] || "username"
35
+
36
+ results = CASUser.find(:all, :conditions => ["#{username_column} = ?", @username])
37
+
38
+ if results.size > 0
39
+ $LOG.warn("Multiple matches found for user '#{@username}'") if results.size > 1
40
+ user = results.first
41
+ return user.encrypted_password == user.encrypt(@password)
42
+ else
43
+ return false
44
+ end
45
+ end
46
+
47
+ # Include this module into your application's user model.
48
+ #
49
+ # Your model must have an 'encrypted_password' column where the password will be stored,
50
+ # and an 'encryption_salt' column that will be populated with a random string before
51
+ # the user record is first created.
52
+ module EncryptedPassword
53
+ def self.included(mod)
54
+ raise "#{self} should be inclued in an ActiveRecord class!" unless mod.respond_to?(:before_save)
55
+ mod.before_save :generate_encryption_salt
56
+ end
57
+
58
+ def encrypt(str)
59
+ Digest::SHA256.hexdigest("#{encryption_salt}::#{str}")
60
+ end
61
+
62
+ def password=(password)
63
+ self[:encrypted_password] = encrypt(password)
64
+ end
65
+
66
+ def generate_encryption_salt
67
+ self.encryption_salt = Digest::SHA1.hexdigest(Crypt::ISAAC.new.rand(2**31).to_s) unless
68
+ encryption_salt
69
+ end
70
+ end
71
+
72
+ class CASUser < ActiveRecord::Base
73
+ include EncryptedPassword
74
+ end
75
+ end
@@ -55,7 +55,7 @@ module CASServer::Controllers
55
55
 
56
56
  @lt = lt.ticket
57
57
 
58
- $LOG.debug(env)
58
+ #$LOG.debug(env)
59
59
 
60
60
  # If the 'onlyLoginForm' parameter is specified, we will only return the
61
61
  # login form part of the page. This is useful for when you want to
@@ -95,10 +95,19 @@ module CASServer::Controllers
95
95
  @password = @input['password']
96
96
  @lt = @input['lt']
97
97
 
98
+ # Remove leading and trailing widespace from username.
99
+ @username.strip! if @username
100
+
101
+ if @username && $CONF[:downcase_username]
102
+ $LOG.debug("Converting username #{@username.inspect} to lowercase because 'downcase_username' option is enabled.")
103
+ @username.downcase!
104
+ end
105
+
98
106
  if error = validate_login_ticket(@lt)
99
107
  @message = {:type => 'mistake', :message => error}
100
108
  # generate another login ticket to allow for re-submitting the form
101
109
  @lt = generate_login_ticket.ticket
110
+ @status = 401
102
111
  return render(:login)
103
112
  end
104
113
 
@@ -162,6 +171,7 @@ module CASServer::Controllers
162
171
  else
163
172
  $LOG.warn("Invalid credentials given for user '#{@username}'")
164
173
  @message = {:type => 'mistake', :message => "Incorrect username or password."}
174
+ @status = 401
165
175
  end
166
176
 
167
177
  render :login
@@ -180,8 +190,8 @@ module CASServer::Controllers
180
190
  # "logout" page, we take the user back to the login page with a "you have been logged out"
181
191
  # message, allowing for an opportunity to immediately log back in. This makes it
182
192
  # easier for the user to log out and log in as someone else.
183
- @service = @input['url'] || @input['service']
184
- # TODO: display service name in view as per 2.3.2
193
+ @service = @input['service'] || @input['destination']
194
+ @continue_url = @input['url']
185
195
 
186
196
  @gateway = @input['gateway'] == 'true' || @input['gateway'] == '1'
187
197
 
@@ -208,10 +218,15 @@ module CASServer::Controllers
208
218
 
209
219
  @message = {:type => 'confirmation', :message => "You have successfully logged out."}
210
220
 
221
+ @message[:message] <<
222
+ " Please click on the following link to continue:" if @continue_url
223
+
211
224
  @lt = generate_login_ticket
212
225
 
213
226
  if @gateway && @service
214
227
  redirect(@service, :status => 303)
228
+ elsif @continue_url
229
+ render :logout
215
230
  else
216
231
  render :login
217
232
  end
@@ -291,10 +306,6 @@ module CASServer::Controllers
291
306
  t, @error = validate_proxy_ticket(@service, @ticket)
292
307
  @success = t && !@error
293
308
 
294
- if @success
295
-
296
- end
297
-
298
309
  if @success
299
310
  @username = t.username
300
311
 
@@ -355,7 +366,7 @@ module CASServer::Controllers
355
366
  CASServer::Utils::log_controller_action(self.class, @input)
356
367
  lt = generate_login_ticket
357
368
 
358
- $LOG.debug("Generated login ticket: #{lt}, host: #{env['REMOTE_HOST'] || env['REMOTE_ADDR']}")
369
+ $LOG.debug("Dispensing login ticket #{lt} to host #{(env['REMOTE_HOST'] || env['REMOTE_ADDR']).inspect}")
359
370
 
360
371
  @lt = lt.ticket
361
372
 
@@ -0,0 +1,23 @@
1
+ $: << File.dirname(File.expand_path(__FILE__))
2
+
3
+ # Try to load local version of Picnic if possible (for development purposes)
4
+ $: << File.dirname(File.expand_path(__FILE__))+"/../../../picnic/lib"
5
+ $: << File.dirname(File.expand_path(__FILE__))+"/../../vendor/picnic/lib"
6
+
7
+ begin
8
+ require 'picnic'
9
+ rescue LoadError => e
10
+ # make sure that the LoadError was about picnic and not something else
11
+ raise e unless e.to_s =~ /picnic/
12
+
13
+ require 'rubygems'
14
+
15
+ # make things backwards-compatible for rubygems < 0.9.0
16
+ unless Object.method_defined? :gem
17
+ alias gem require_gem
18
+ end
19
+
20
+ gem 'picnic'
21
+
22
+ require 'picnic'
23
+ end
@@ -10,22 +10,19 @@ module CASServer::Models
10
10
  end
11
11
 
12
12
  class Ticket < Base
13
- self.abstract_class = true
14
13
  def to_s
15
14
  ticket
16
15
  end
17
16
 
18
17
  def self.cleanup_expired(expiry_time)
19
18
  transaction do
20
- expired_tickets = find(:all,
21
- :conditions => ["created_on < ?", Time.now - expiry_time])
19
+ conditions = ["created_on < ?", Time.now - expiry_time]
20
+ expired_tickets_count = count(:conditions => conditions)
22
21
 
23
- $LOG.debug("Destroying #{expired_tickets.size} expired #{self}"+
24
- "#{'s' if expired_tickets.size > 1}.") if expired_tickets.size > 0
22
+ $LOG.debug("Destroying #{expired_tickets_count} expired #{self.name.split('::').last}"+
23
+ "#{'s' if expired_tickets_count > 1}.") if expired_tickets_count > 0
25
24
 
26
- expired_tickets.each do |t|
27
- t.destroy
28
- end
25
+ destroy_all(conditions)
29
26
  end
30
27
  end
31
28
  end
@@ -40,10 +37,16 @@ module CASServer::Models
40
37
  include Consumable
41
38
 
42
39
  def matches_service?(service)
43
- # We ignore the trailing slash in URLs, since
40
+ # Remove CAS-related parameters from the service URL, since they really shoudln't
41
+ # be there (some misbehaving clients include them in the service URL).
42
+ ['service', 'ticket', 'gateway', 'renew'].each do |p|
43
+ service.gsub!(Regexp.new("#{p}=[^&]*"), '')
44
+ end
45
+
46
+ # We ignore the trailing slash and ? in URLs, since
44
47
  # "http://www.google.com/" and "http://www.google.com" are almost
45
48
  # certainly the same service.
46
- self.service.gsub(/\/$/, '') == service.gsub(/\/$/, '')
49
+ self.service.gsub(/[\/\?]$/, '') == service.gsub(/[\/\?]$/, '')
47
50
  end
48
51
  end
49
52
 
@@ -76,45 +79,51 @@ module CASServer::Models
76
79
 
77
80
  class CreateCASServer < V 0.1
78
81
  def self.up
79
- $LOG.info("Migrating database")
80
-
81
- create_table :casserver_login_tickets, :force => true do |t|
82
- t.column :ticket, :string, :null => false
83
- t.column :created_on, :timestamp, :null => false
84
- t.column :consumed, :datetime, :null => true
85
- t.column :client_hostname, :string, :null => false
86
- end
87
-
88
- create_table :casserver_service_tickets, :force => true do |t|
89
- t.column :ticket, :string, :null => false
90
- t.column :service, :string, :null => false
91
- t.column :created_on, :timestamp, :null => false
92
- t.column :consumed, :datetime, :null => true
93
- t.column :client_hostname, :string, :null => false
94
- t.column :username, :string, :null => false
95
- t.column :type, :string, :null => false
96
- t.column :proxy_granting_ticket_id, :integer, :null => true
97
- end
98
-
99
- create_table :casserver_ticket_granting_tickets, :force => true do |t|
100
- t.column :ticket, :string, :null => false
101
- t.column :created_on, :timestamp, :null => false
102
- t.column :client_hostname, :string, :null => false
103
- t.column :username, :string, :null => false
104
- end
82
+ if ActiveRecord::Base.connection.table_alias_length > 30
83
+ $LOG.info("Creating database with long table names...")
84
+
85
+ create_table :casserver_login_tickets, :force => true do |t|
86
+ t.column :ticket, :string, :null => false
87
+ t.column :created_on, :timestamp, :null => false
88
+ t.column :consumed, :datetime, :null => true
89
+ t.column :client_hostname, :string, :null => false
90
+ end
105
91
 
106
- create_table :casserver_proxy_granting_tickets, :force => true do |t|
107
- t.column :ticket, :string, :null => false
108
- t.column :created_on, :timestamp, :null => false
109
- t.column :client_hostname, :string, :null => false
110
- t.column :iou, :string, :null => false
111
- t.column :service_ticket_id, :integer, :null => false
92
+ create_table :casserver_service_tickets, :force => true do |t|
93
+ t.column :ticket, :string, :null => false
94
+ t.column :service, :string, :null => false
95
+ t.column :created_on, :timestamp, :null => false
96
+ t.column :consumed, :datetime, :null => true
97
+ t.column :client_hostname, :string, :null => false
98
+ t.column :username, :string, :null => false
99
+ t.column :type, :string, :null => false
100
+ t.column :proxy_granting_ticket_id, :integer, :null => true
101
+ end
102
+
103
+ create_table :casserver_ticket_granting_tickets, :force => true do |t|
104
+ t.column :ticket, :string, :null => false
105
+ t.column :created_on, :timestamp, :null => false
106
+ t.column :client_hostname, :string, :null => false
107
+ t.column :username, :string, :null => false
108
+ end
109
+
110
+ create_table :casserver_proxy_granting_tickets, :force => true do |t|
111
+ t.column :ticket, :string, :null => false
112
+ t.column :created_on, :timestamp, :null => false
113
+ t.column :client_hostname, :string, :null => false
114
+ t.column :iou, :string, :null => false
115
+ t.column :service_ticket_id, :integer, :null => false
116
+ end
112
117
  end
113
118
  end
114
119
 
115
120
  def self.down
116
- drop_table :casserver_service_tickets
117
- drop_table :casserver_login_tickets
121
+ if ActiveRecord::Base.connection.table_alias_length > 30
122
+ drop_table :casserver_proxy_granting_tickets
123
+ drop_table :casserver_ticket_granting_tickets
124
+ drop_table :casserver_service_tickets
125
+ drop_table :casserver_login_tickets
126
+ end
118
127
  end
119
128
  end
120
129
 
@@ -122,18 +131,60 @@ module CASServer::Models
122
131
  # See http://code.google.com/p/rubycas-server/issues/detail?id=15
123
132
  class ShortenTableNames < V 0.5
124
133
  def self.up
125
- $LOG.info("Shortening table names")
126
- rename_table :casserver_login_tickets, :casserver_lt
127
- rename_table :casserver_service_tickets, :casserver_st
128
- rename_table :casserver_ticket_granting_tickets, :casserver_tgt
129
- rename_table :casserver_proxy_granting_tickets, :casserver_pgt
134
+ if ActiveRecord::Base.connection.table_alias_length > 30
135
+ $LOG.info("Shortening table names")
136
+ rename_table :casserver_login_tickets, :casserver_lt
137
+ rename_table :casserver_service_tickets, :casserver_st
138
+ rename_table :casserver_ticket_granting_tickets, :casserver_tgt
139
+ rename_table :casserver_proxy_granting_tickets, :casserver_pgt
140
+ else
141
+ create_table :casserver_lt, :force => true do |t|
142
+ t.column :ticket, :string, :null => false
143
+ t.column :created_on, :timestamp, :null => false
144
+ t.column :consumed, :datetime, :null => true
145
+ t.column :client_hostname, :string, :null => false
146
+ end
147
+
148
+ create_table :casserver_st, :force => true do |t|
149
+ t.column :ticket, :string, :null => false
150
+ t.column :service, :string, :null => false
151
+ t.column :created_on, :timestamp, :null => false
152
+ t.column :consumed, :datetime, :null => true
153
+ t.column :client_hostname, :string, :null => false
154
+ t.column :username, :string, :null => false
155
+ t.column :type, :string, :null => false
156
+ t.column :proxy_granting_ticket_id, :integer, :null => true
157
+ end
158
+
159
+ create_table :casserver_tgt, :force => true do |t|
160
+ t.column :ticket, :string, :null => false
161
+ t.column :created_on, :timestamp, :null => false
162
+ t.column :client_hostname, :string, :null => false
163
+ t.column :username, :string, :null => false
164
+ end
165
+
166
+ create_table :casserver_pgt, :force => true do |t|
167
+ t.column :ticket, :string, :null => false
168
+ t.column :created_on, :timestamp, :null => false
169
+ t.column :client_hostname, :string, :null => false
170
+ t.column :iou, :string, :null => false
171
+ t.column :service_ticket_id, :integer, :null => false
172
+ end
173
+ end
130
174
  end
131
175
 
132
176
  def self.down
133
- rename_table :casserver_lt, :cassserver_login_tickets
134
- rename_table :casserver_st, :casserver_service_tickets
135
- rename_table :casserver_tgt, :casserver_ticket_granting_tickets
136
- rename_table :casserver_pgt, :casserver_proxy_granting_tickets
177
+ if ActiveRecord::Base.connection.table_alias_length > 30
178
+ rename_table :casserver_lt, :cassserver_login_tickets
179
+ rename_table :casserver_st, :casserver_service_tickets
180
+ rename_table :casserver_tgt, :casserver_ticket_granting_tickets
181
+ rename_table :casserver_pgt, :casserver_proxy_granting_tickets
182
+ else
183
+ drop_table :casserver_pgt
184
+ drop_table :casserver_tgt
185
+ drop_table :casserver_st
186
+ drop_table :casserver_lt
187
+ end
137
188
  end
138
189
  end
139
190
  end