rubycas-server 0.7.1.1 → 1.0
- data/CHANGELOG +292 -0
- data/Gemfile +3 -0
- data/LICENSE +26 -0
- data/README.md +36 -0
- data/Rakefile +0 -3
- data/bin/rubycas-server +24 -19
- data/lib/casserver.rb +7 -110
- data/lib/casserver/authenticators/active_directory_ldap.rb +8 -0
- data/lib/casserver/authenticators/active_resource.rb +125 -0
- data/lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb +43 -0
- data/lib/casserver/authenticators/authlogic_crypto_providers/bcrypt.rb +92 -0
- data/lib/casserver/authenticators/authlogic_crypto_providers/md5.rb +34 -0
- data/lib/casserver/authenticators/authlogic_crypto_providers/sha1.rb +59 -0
- data/lib/casserver/authenticators/authlogic_crypto_providers/sha512.rb +50 -0
- data/lib/casserver/authenticators/base.rb +30 -11
- data/lib/casserver/authenticators/client_certificate.rb +7 -6
- data/lib/casserver/authenticators/google.rb +13 -9
- data/lib/casserver/authenticators/ldap.rb +37 -28
- data/lib/casserver/authenticators/ntlm.rb +9 -9
- data/lib/casserver/authenticators/open_id.rb +3 -3
- data/lib/casserver/authenticators/sql.rb +65 -34
- data/lib/casserver/authenticators/sql_authlogic.rb +93 -0
- data/lib/casserver/authenticators/sql_encrypted.rb +44 -44
- data/lib/casserver/authenticators/sql_md5.rb +2 -2
- data/lib/casserver/authenticators/sql_rest_auth.rb +82 -0
- data/lib/casserver/authenticators/test.rb +10 -7
- data/lib/casserver/cas.rb +94 -94
- data/lib/casserver/localization.rb +91 -0
- data/lib/casserver/model.rb +270 -0
- data/lib/casserver/server.rb +745 -0
- data/lib/casserver/utils.rb +9 -7
- data/lib/casserver/views/_login_form.erb +42 -0
- data/lib/casserver/views/layout.erb +18 -0
- data/lib/casserver/views/login.erb +30 -0
- data/lib/casserver/views/proxy.builder +12 -0
- data/lib/casserver/views/proxy_validate.builder +25 -0
- data/lib/casserver/views/service_validate.builder +18 -0
- data/lib/casserver/views/validate.erb +2 -0
- data/po/de_DE/rubycas-server.po +127 -0
- data/po/es_ES/rubycas-server.po +123 -0
- data/po/fr_FR/rubycas-server.po +128 -0
- data/po/ja_JP/rubycas-server.po +126 -0
- data/po/pl_PL/rubycas-server.po +123 -0
- data/po/pt_BR/rubycas-server.po +123 -0
- data/po/ru_RU/rubycas-server.po +118 -0
- data/po/rubycas-server.pot +112 -0
- data/po/zh_CN/rubycas-server.po +113 -0
- data/po/zh_TW/rubycas-server.po +113 -0
- data/public/themes/cas.css +121 -0
- data/{lib → public}/themes/notice.png +0 -0
- data/{lib → public}/themes/ok.png +0 -0
- data/{lib → public}/themes/simple/bg.png +0 -0
- data/public/themes/simple/favicon.png +0 -0
- data/{lib → public}/themes/simple/login_box_bg.png +0 -0
- data/{lib → public}/themes/simple/logo.png +0 -0
- data/public/themes/simple/theme.css +28 -0
- data/{lib → public}/themes/urbacon/bg.png +0 -0
- data/{lib → public}/themes/urbacon/login_box_bg.png +0 -0
- data/{lib → public}/themes/urbacon/logo.png +0 -0
- data/public/themes/urbacon/theme.css +33 -0
- data/{lib → public}/themes/warning.png +0 -0
- data/resources/init.d.sh +1 -1
- data/rubycas-server.gemspec +57 -0
- data/setup.rb +4 -4
- data/spec/alt_config.yml +50 -0
- data/spec/authenticators/active_resource_spec.rb +109 -0
- data/spec/authenticators/ldap_spec.rb +53 -0
- data/spec/casserver_spec.rb +149 -0
- data/spec/default_config.yml +50 -0
- data/spec/model_spec.rb +42 -0
- data/spec/spec.opts +4 -0
- data/spec/spec_helper.rb +88 -0
- data/spec/utils_spec.rb +53 -0
- data/tasks/bundler.rake +4 -0
- data/tasks/db/migrate.rake +12 -0
- data/tasks/localization.rake +13 -0
- data/tasks/spec.rake +10 -0
- metadata +294 -91
- data/CHANGELOG.txt +0 -1
- data/History.txt +0 -252
- data/LICENSE.txt +0 -504
- data/Manifest.txt +0 -72
- data/PostInstall.txt +0 -3
- data/README.txt +0 -25
- data/bin/rubycas-server-ctl +0 -22
- data/config.example.yml +0 -442
- data/config/hoe.rb +0 -76
- data/config/requirements.rb +0 -15
- data/custom_views.example.rb +0 -11
- data/lib/casserver/conf.rb +0 -112
- data/lib/casserver/controllers.rb +0 -452
- data/lib/casserver/environment.rb +0 -30
- data/lib/casserver/models.rb +0 -218
- data/lib/casserver/postambles.rb +0 -174
- data/lib/casserver/version.rb +0 -9
- data/lib/casserver/views.rb +0 -243
- data/lib/rubycas-server.rb +0 -1
- data/lib/rubycas-server/version.rb +0 -1
- data/lib/themes/cas.css +0 -121
- data/lib/themes/simple/theme.css +0 -28
- data/lib/themes/urbacon/theme.css +0 -33
- data/misc/basic_cas_single_signon_mechanism_diagram.png +0 -0
- data/misc/basic_cas_single_signon_mechanism_diagram.svg +0 -652
- data/script/console +0 -10
- data/script/destroy +0 -14
- data/script/generate +0 -14
- data/script/txt2html +0 -82
- data/tasks/deployment.rake +0 -34
- data/tasks/environment.rake +0 -7
- data/tasks/website.rake +0 -17
- data/vendor/isaac_0.9.1/LICENSE +0 -26
- data/vendor/isaac_0.9.1/README +0 -78
- data/vendor/isaac_0.9.1/TODO +0 -3
- data/vendor/isaac_0.9.1/VERSIONS +0 -3
- data/vendor/isaac_0.9.1/crypt/ISAAC.rb +0 -171
- data/vendor/isaac_0.9.1/isaac.gemspec +0 -39
- data/vendor/isaac_0.9.1/setup.rb +0 -596
- data/vendor/isaac_0.9.1/test/TC_ISAAC.rb +0 -76
- data/website/index.html +0 -40
- data/website/index.txt +0 -3
- data/website/javascripts/rounded_corners_lite.inc.js +0 -285
- data/website/stylesheets/screen.css +0 -138
- data/website/template.html.erb +0 -40
@@ -1,30 +0,0 @@
|
|
1
|
-
$: << File.dirname(File.expand_path(__FILE__))
|
2
|
-
|
3
|
-
# Try to load local version of Picnic if possible (for development purposes)
|
4
|
-
alt_picic_paths = []
|
5
|
-
alt_picic_paths << File.dirname(File.expand_path(__FILE__))+"/../../../picnic/lib"
|
6
|
-
alt_picic_paths << File.dirname(File.expand_path(__FILE__))+"/../../vendor/picnic/lib"
|
7
|
-
|
8
|
-
begin
|
9
|
-
require 'active_record'
|
10
|
-
rescue LoadError
|
11
|
-
require 'rubygems'
|
12
|
-
require 'active_record'
|
13
|
-
end
|
14
|
-
|
15
|
-
if alt_picic_paths.any?{|path| File.exists? "#{path}/picnic.rb" }
|
16
|
-
alt_picic_paths.each{|path| $: << path}
|
17
|
-
require 'picnic'
|
18
|
-
else
|
19
|
-
require 'rubygems'
|
20
|
-
|
21
|
-
# make things backwards-compatible for rubygems < 0.9.0
|
22
|
-
if Object.method_defined?(:require_gem)
|
23
|
-
alias gem require_gem
|
24
|
-
end
|
25
|
-
|
26
|
-
require 'picnic'
|
27
|
-
end
|
28
|
-
|
29
|
-
# used for serializing user extra_attributes (see #service_validate in views.rb)
|
30
|
-
require 'yaml'
|
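--- a/data/lib/casserver/models.rb
+++ b/data/lib/casserver/models.rb
@@ -1,218 +0,0 @@
-require 'camping/db'
-
-module CASServer::Models
-
-module Consumable
-def consume!
-self.consumed = Time.now
-self.save!
-end
-end
-
-class Ticket < Base
-def to_s
-ticket
-end
-
-def self.cleanup_expired(expiry_time)
-transaction do
-conditions = ["created_on < ?", Time.now - expiry_time]
-expired_tickets_count = count(:conditions => conditions)
-
-$LOG.debug("Destroying #{expired_tickets_count} expired #{self.name.split('::').last}"+
-"#{'s' if expired_tickets_count > 1}.") if expired_tickets_count > 0
-
-destroy_all(conditions)
-end
-end
-end
-
-class LoginTicket < Ticket
-set_table_name 'casserver_lt'
-include Consumable
-end
-
-class ServiceTicket < Ticket
-set_table_name 'casserver_st'
-include Consumable
-
-belongs_to :ticket_granting_ticket, :foreign_key => :tgt_id
-
-def matches_service?(service)
-CASServer::CAS.clean_service_url(self.service) ==
-CASServer::CAS.clean_service_url(service)
-end
-end
-
-class ProxyTicket < ServiceTicket
-belongs_to :proxy_granting_ticket
-end
-
-class TicketGrantingTicket < Ticket
-set_table_name 'casserver_tgt'
-
-serialize :extra_attributes
-
-has_many :service_tickets, :foreign_key => :tgt_id
-end
-
-class ProxyGrantingTicket < Ticket
-set_table_name 'casserver_pgt'
-belongs_to :service_ticket
-has_many :proxy_tickets, :dependent => :destroy
-end
-
-class Error
-attr_reader :code, :message
-
-def initialize(code, message)
-@code = code
-@message = message
-end
-
-def to_s
-message
-end
-end
-
-class CreateCASServer < V 0.1
-def self.up
-if ActiveRecord::Base.connection.table_alias_length > 30
-$LOG.info("Creating database with long table names...")
-
-create_table :casserver_login_tickets, :force => true do |t|
-t.column :ticket, :string, :null => false
-t.column :created_on, :timestamp, :null => false
-t.column :consumed, :datetime, :null => true
-t.column :client_hostname, :string, :null => false
-end
-
-create_table :casserver_service_tickets, :force => true do |t|
-t.column :ticket, :string, :null => false
-t.column :service, :string, :null => false
-t.column :created_on, :timestamp, :null => false
-t.column :consumed, :datetime, :null => true
-t.column :client_hostname, :string, :null => false
-t.column :username, :string, :null => false
-t.column :type, :string, :null => false
-t.column :proxy_granting_ticket_id, :integer, :null => true
-end
-
-create_table :casserver_ticket_granting_tickets, :force => true do |t|
-t.column :ticket, :string, :null => false
-t.column :created_on, :timestamp, :null => false
-t.column :client_hostname, :string, :null => false
-t.column :username, :string, :null => false
-end
-
-create_table :casserver_proxy_granting_tickets, :force => true do |t|
-t.column :ticket, :string, :null => false
-t.column :created_on, :timestamp, :null => false
-t.column :client_hostname, :string, :null => false
-t.column :iou, :string, :null => false
-t.column :service_ticket_id, :integer, :null => false
-end
-end
-end
-
-def self.down
-if ActiveRecord::Base.connection.table_alias_length > 30
-drop_table :casserver_proxy_granting_tickets
-drop_table :casserver_ticket_granting_tickets
-drop_table :casserver_service_tickets
-drop_table :casserver_login_tickets
-end
-end
-end
-
-# Oracle table names cannot exceed 30 chars...
-# See http://code.google.com/p/rubycas-server/issues/detail?id=15
-class ShortenTableNames < V 0.5
-def self.up
-if ActiveRecord::Base.connection.table_alias_length > 30
-$LOG.info("Shortening table names")
-rename_table :casserver_login_tickets, :casserver_lt
-rename_table :casserver_service_tickets, :casserver_st
-rename_table :casserver_ticket_granting_tickets, :casserver_tgt
-rename_table :casserver_proxy_granting_tickets, :casserver_pgt
-else
-create_table :casserver_lt, :force => true do |t|
-t.column :ticket, :string, :null => false
-t.column :created_on, :timestamp, :null => false
-t.column :consumed, :datetime, :null => true
-t.column :client_hostname, :string, :null => false
-end
-
-create_table :casserver_st, :force => true do |t|
-t.column :ticket, :string, :null => false
-t.column :service, :string, :null => false
-t.column :created_on, :timestamp, :null => false
-t.column :consumed, :datetime, :null => true
-t.column :client_hostname, :string, :null => false
-t.column :username, :string, :null => false
-t.column :type, :string, :null => false
-t.column :proxy_granting_ticket_id, :integer, :null => true
-end
-
-create_table :casserver_tgt, :force => true do |t|
-t.column :ticket, :string, :null => false
-t.column :created_on, :timestamp, :null => false
-t.column :client_hostname, :string, :null => false
-t.column :username, :string, :null => false
-end
-
-create_table :casserver_pgt, :force => true do |t|
-t.column :ticket, :string, :null => false
-t.column :created_on, :timestamp, :null => false
-t.column :client_hostname, :string, :null => false
-t.column :iou, :string, :null => false
-t.column :service_ticket_id, :integer, :null => false
-end
-end
-end
-
-def self.down
-if ActiveRecord::Base.connection.table_alias_length > 30
-rename_table :casserver_lt, :cassserver_login_tickets
-rename_table :casserver_st, :casserver_service_tickets
-rename_table :casserver_tgt, :casserver_ticket_granting_tickets
-rename_table :casserver_pgt, :casserver_proxy_granting_tickets
-else
-drop_table :casserver_pgt
-drop_table :casserver_tgt
-drop_table :casserver_st
-drop_table :casserver_lt
-end
-end
-end
-
-class AddTgtToSt < V 0.7
-def self.up
-add_column :casserver_st, :tgt_id, :integer, :null => true
-end
-
-def self.down
-remove_column :casserver_st, :tgt_id, :integer
-end
-end
-
-class ChangeServiceToText < V 0.71
-def self.up
-change_column :casserver_st, :service, :text
-end
-
-def self.down
-change_column :casserver_st, :service, :string
-end
-end
-
-class AddExtraAttributes < V 0.72
-def self.up
-add_column :casserver_tgt, :extra_attributes, :text
-end
-
-def self.down
-remove_column :casserver_tgt, :extra_attributes
-end
-end
-end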
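--- a/data/lib/casserver/postambles.rb
+++ b/data/lib/casserver/postambles.rb
@@ -1,174 +0,0 @@
-module CASServer
-module Postambles
-
-def webrick
-require 'webrick/httpserver'
-require 'webrick/https'
-require 'camping/webrick'
-
-# TODO: verify the certificate's validity
-# example of how to do this is here: http://pablotron.org/download/ruri-20050331.rb
-
-cert_path = CASServer::Conf.ssl_cert
-key_path = CASServer::Conf.ssl_key || CASServer::Conf.ssl_cert
-# look for the key in the ssl_cert if no ssl_key is specified
-
-webrick_options = {:BindAddress => "0.0.0.0", :Port => CASServer::Conf.port}
-
-unless cert_path.nil? && key_path.nil?
-raise "'#{cert_path}' is not a valid ssl certificate. Your 'ssl_cert' configuration" +
-" setting must be a path to a valid ssl certificate file." unless
-File.exists? cert_path
-
-raise "'#{key_path}' is not a valid ssl private key. Your 'ssl_key' configuration" +
-" setting must be a path to a valid ssl private key file." unless
-File.exists? key_path
-
-cert = OpenSSL::X509::Certificate.new(File.read(cert_path))
-key = OpenSSL::PKey::RSA.new(File.read(key_path))
-
-webrick_options[:SSLEnable] = true
-webrick_options[:SSLVerifyClient] = ::OpenSSL::SSL::VERIFY_NONE
-webrick_options[:SSLCertificate] = cert
-webrick_options[:SSLPrivateKey] = key
-end
-
-begin
-s = WEBrick::HTTPServer.new(webrick_options)
-rescue Errno::EACCES
-puts "\nThe server could not launch. Are you running on a privileged port? (e.g. port 443) If so, you must run the server as root."
-exit 2
-end
-
-CASServer.create
-s.mount "#{CASServer::Conf.uri_path}", WEBrick::CampingHandler, CASServer
-
-puts "\n** CASServer is running at http#{webrick_options[:SSLEnable] ? 's' : ''}://#{Socket.gethostname}:#{CASServer::Conf.port}#{CASServer::Conf.uri_path} and logging to '#{CASServer::Conf.log[:file]}'\n\n"
-
-# This lets Ctrl+C shut down your server
-trap(:INT) do
-s.shutdown
-end
-trap(:TERM) do
-s.shutdown
-end
-
-if $DAEMONIZE
-WEBrick::Daemon.start do
-write_pid_file if $PID_FILE
-s.start
-clear_pid_file
-end
-else
-s.start
-end
-end
-
-
-
-def mongrel
-require 'rubygems'
-require 'mongrel/camping'
-
-if $DAEMONIZE
-# check if log and pid are writable before daemonizing, otherwise we won't be able to notify
-# the user if we run into trouble later (since once daemonized, we can't write to stdout/stderr)
-check_pid_writable if $PID_FILE
-check_log_writable
-end
-
-CASServer.create
-
-puts "\n** CASServer is starting. Look in '#{CASServer::Conf.log[:file]}' for further notices."
-
-settings = {:host => "0.0.0.0", :log_file => CASServer::Conf.log[:file], :cwd => $CASSERVER_HOME}
-
-# need to close all IOs before daemonizing
-$LOG.close if $DAEMONIZE
-
-begin
-config = Mongrel::Configurator.new settings do
-daemonize :log_file => CASServer::Conf.log[:file], :cwd => $CASSERVER_HOME if $DAEMONIZE
-
-listener :port => CASServer::Conf.port do
-uri CASServer::Conf.uri_path, :handler => Mongrel::Camping::CampingHandler.new(CASServer)
-setup_signals
-end
-end
-rescue Errno::EADDRINUSE
-exit 1
-end
-
-config.run
-
-CASServer.init_logger
-CASServer.init_db_logger
-
-if $DAEMONIZE && $PID_FILE
-write_pid_file
-unless File.exists? $PID_FILE
-$LOG.error "CASServer could not start because pid file '#{$PID_FILE}' could not be created."
-exit 1
-end
-end
-
-puts "\n** CASServer is running at http://localhost:#{CASServer::Conf.port}#{CASServer::Conf.uri_path} and logging to '#{CASServer::Conf.log[:file]}'"
-config.join
-
-clear_pid_file
-
-puts "\n** CASServer is stopped (#{Time.now})"
-end
-
-
-def fastcgi
-require 'camping/fastcgi'
-Dir.chdir('/srv/www/camping/casserver/')
-
-CASServer.create
-Camping::FastCGI.start(CASServer)
-end
-
-
-def cgi
-CASServer.create
-puts CASServer.run
-end
-
-private
-def check_log_writable
-log_file = CASServer::Conf.log['file']
-begin
-f = open(log_file, 'w')
-rescue
-$stderr.puts "Couldn't write to log file at '#{log_file}' (#{$!})."
-exit 1
-end
-f.close
-end
-
-def check_pid_writable
-$LOG.debug "Checking if pid file '#{$PID_FILE}' is writable"
-begin
-f = open($PID_FILE, 'w')
-rescue
-$stderr.puts "Couldn't write to log at '#{$PID_FILE}' (#{$!})."
-exit 1
-end
-f.close
-end
-
-def write_pid_file
-$LOG.debug "Writing pid '#{Process.pid}' to pid file '#{$PID_FILE}'"
-open($PID_FILE, "w") { |file| file.write(Process.pid) }
-end
-
-def clear_pid_file
-if $PID_FILE && File.exists?($PID_FILE)
-$LOG.debug "Clearing pid file '#{$PID_FILE}'"
-File.unlink $PID_FILE
-end
-end
-
-end
-end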
data/lib/casserver/version.rb
DELETED
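--- a/data/lib/casserver/views.rb
+++ b/data/lib/casserver/views.rb
@@ -1,243 +0,0 @@
-# The #.#.# comments (e.g. "2.1.3") refer to section numbers in the CAS protocol spec
-# under http://www.ja-sig.org/products/cas/overview/protocol/index.html
-
-# need auto_validation off to render CAS responses and to use the autocomplete='off' property on password field
-Markaby::Builder.set(:auto_validation, false)
-
-# disabled XML indentation because it was causing problems with mod_auth_cas
-#Markaby::Builder.set(:indent, 2)
-
-module CASServer::Views
-
-def layout
-# wrap as XHTML only when auto_validation is on, otherwise pass right through
-if @use_layout
-xhtml_strict do
-head do
-title { "#{organization} Central Login" }
-link(:rel => "stylesheet", :type => "text/css", :href => "/themes/cas.css")
-link(:rel => "stylesheet", :type => "text/css", :href => "/themes/#{current_theme}/theme.css")
-end
-body(:onload => "if (document.getElementById('username')) document.getElementById('username').focus()") do
-self << yield
-end
-end
-else
-self << yield
-end
-end
-
-
-# 2.1.3
-# The full login page.
-def login
-@use_layout = true
-
-table(:id => "login-box") do
-tr do
-td(:colspan => 2) do
-div(:id => "headline-container") do
-strong organization
-text " Central Login"
-end
-end
-end
-if @message
-tr do
-td(:colspan => 2, :id => "messagebox-container") do
-div(:class => "messagebox #{@message[:type]}") { @message[:message] }
-end
-end
-end
-tr do
-td(:id => "logo-container") do
-img(:id => "logo", :src => "/themes/#{current_theme}/logo.png")
-end
-td(:id => "login-form-container") do
-@include_infoline = true
-login_form
-end
-end
-end
-end
-
-# Just the login form.
-def login_form
-form(:method => "post", :action => @form_action || '/login', :id => "login-form",
-:onsubmit => "submitbutton = document.getElementById('login-submit'); submitbutton.value='Please wait...'; submitbutton.disabled=true; return true;") do
-table(:id => "form-layout") do
-tr do
-td(:id => "username-label-container") do
-label(:id => "username-label", :for => "username") { "Username" }
-end
-td(:id => "username-container") do
-input(:type => "text", :id => "username", :name => "username",
-:size => "32", :tabindex => "1", :accesskey => "u")
-end
-end
-tr do
-td(:id => "password-label-container") do
-label(:id => "password-label", :for => "password") { "Password" }
-end
-td(:id => "password-container") do
-input(:type => "password", :id => "password", :name => "password",
-:size => "32", :tabindex => "2", :accesskey => "p", :autocomplete => "off")
-end
-end
-tr do
-td{}
-td(:id => "submit-container") do
-input(:type => "hidden", :id => "lt", :name => "lt", :value => @lt)
-input(:type => "hidden", :id => "service", :name => "service", :value => @service)
-input(:type => "submit", :class => "button", :accesskey => "l", :value => "LOGIN", :tabindex => "4", :id => "login-submit")
-end
-end
-tr do
-td(:colspan => 2, :id => "infoline") { infoline }
-end if @include_infoline
-end
-end
-end
-
-# 2.3.2
-def logout
-@use_layout = true
-
-table(:id => "login-box") do
-tr do
-td(:colspan => 2) do
-div(:id => "headline-container") do
-strong organization
-text " Central Login"
-end
-end
-end
-if @message
-tr do
-td(:colspan => 2, :id => "messagebox-container") do
-div(:class => "messagebox #{@message[:type]}") { @message[:message] }
-if @continue_url
-p do
-a(:href => @continue_url) { @continue_url }
-end
-end
-end
-end
-end
-end
-end
-
-# 2.4.2
-# CAS 1.0 validate response.
-def validate
-if @success
-text "yes\n#{@username}\n"
-else
-text "no\n\n"
-end
-end
-
-# 2.5.2
-# CAS 2.0 service validate response.
-def service_validate
-if @success
-tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
-tag!("cas:authenticationSuccess") do
-tag!("cas:user") {@username.to_s.to_xs}
-@extra_attributes.each do |key, value|
-tag!(key) {serialize_extra_attribute(value)}
-end
-if @pgtiou
-tag!("cas:proxyGrantingTicket") {@pgtiou.to_s.to_xs}
-end
-end
-end
-else
-tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
-tag!("cas:authenticationFailure", :code => @error.code) {@error.to_s.to_xs}
-end
-end
-end
-
-# 2.6.2
-# CAS 2.0 proxy validate response.
-def proxy_validate
-if @success
-tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
-tag!("cas:authenticationSuccess") do
-tag!("cas:user") {@username.to_s.to_xs}
-@extra_attributes.each do |key, value|
-tag!(key) {serialize_extra_attribute(value)}
-end
-if @pgtiou
-tag!("cas:proxyGrantingTicket") {@pgtiou.to_s.to_xs}
-end
-if @proxies && !@proxies.empty?
-tag!("cas:proxies") do
-@proxies.each do |proxy_url|
-tag!("cas:proxy") {proxy_url.to_s.to_xs}
-end
-end
-end
-end
-end
-else
-tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
-tag!("cas:authenticationFailure", :code => @error.code) {@error.to_s.to_xs}
-end
-end
-end
-
-# 2.7.2
-# CAS 2.0 proxy request response.
-def proxy
-if @success
-tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
-tag!("cas:proxySuccess") do
-tag!("cas:proxyTicket") {@pt.to_s.to_xs}
-end
-end
-else
-tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
-tag!("cas:proxyFailure", :code => @error.code) {@error.to_s.to_xs}
-end
-end
-end
-
-def configure
-end
-
-protected
-def themes_dir
-File.dirname(File.expand_path(__FILE__))+'../themes'
-end
-module_function :themes_dir
-
-def current_theme
-CASServer::Conf.theme || "simple"
-end
-module_function :current_theme
-
-def organization
-CASServer::Conf.organization || ""
-end
-module_function :organization
-
-def infoline
-CASServer::Conf.infoline || ""
-end
-module_function :infoline
-
-def serialize_extra_attribute(value)
-if value.kind_of?(String) || value.kind_of?(Numeric)
-value
-else
-"<![CDATA[#{value.to_yaml}]]>"
-end
-end
-module_function :serialize_extra_attribute
-end
-
-if CASServer::Conf.custom_views_file
-require CASServer::Conf.custom_views_file
-end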