rubycas-server 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/CHANGELOG.txt CHANGED
@@ -1,13 +1,56 @@
1
- === 0.2.0 ::
1
+ === 0.3.0 :: 2007-03-29
2
+
3
+ * Fixed glaring security problem with LDAP/AD Authenticator where under some
4
+ circumstances blank passwords were accepted as valid.
5
+ * Autocomplete has been turned off on the password field for better security.
6
+ In the future we may allow autocomplete to be re-enabled using a
7
+ configuration setting.
8
+ * When the user visits the login page and is already authenticated (i.e. they
9
+ have a valid ticket granting cookie), a message is shown at the top
10
+ indicating that they are already logged in.
11
+ * sqlite3-ruby is no longer required by the gem as a dependency. The user
12
+ must now install it manually prior to installing rubycas-server. The
13
+ building of sqlite3 native extensions appears to be somewhat flakey
14
+ and probably defeats the original purpose of using it (which was
15
+ to have a CAS server up and running with no additional DB configuration).
16
+ We will use MySQL as the default database adapter instead, since it does
17
+ not require additional libraries and many users will have a MySQL server
18
+ already available.
19
+ * Fixed bug that was causing all proxy-granting tickets to be deleted whenever
20
+ any user logged out. Only the PGTs for the user that is logging out are now
21
+ being deleted.
22
+ * Trailing slashes in service URLs are now ignored when validating service
23
+ and proxy tickets (e.g. "http://www.google.com" and "http://www.google.com/"
24
+ are now considered to be the same service URL).
25
+ * Authenticators now raise AuthenticatorError exceptions when encountering
26
+ a problem/error. This makes it easier to send feedback to the user.
27
+ However, other exceptions should still be raised when errors ought
28
+ not be recoverable (i.e. programming errors).
29
+ * Fixed serious vulnerability in LDAP authenticator where under some
30
+ cirumstances the user could just enter '*' as their username to match
31
+ any username. The LDAP authenticator will now refuse to process logins
32
+ with usernames that contain the characters * ( ) \ / and the NULL
33
+ character \0.
34
+ * Views are no longer xhtml-validated. Markaby's auto-validation was turned
35
+ off to allow for use of the autocomplete property on inputs, since this is
36
+ the only viable way of turning off password storage in IE and Firefox at
37
+ the page level.
38
+ * You can now limit the maximum length of a login session by setting the
39
+ expire_sessions config setting to true.
40
+ * Fixed some minor bugs in the login view.
41
+
42
+
43
+ === 0.2.0 :: 2007-03-20
2
44
 
3
45
  * ruby-casserver now behaves more like a real command-line app, accepting
4
46
  various command line arguments including -h (help), -v (version), -c (use
5
- an alternate config.yml), and -d (daemonize, when using webrick or mongrel mode)
6
- * special characters in CAS XML responses are now properly encoded into XML
47
+ an alternate config.yml), and -d (daemonize, when using webrick or mongrel
48
+ mode).
49
+ * Special characters in CAS XML responses are now properly encoded into XML
7
50
  entities
8
51
  * CAS XML responses are no longer auto-indented... Markaby's indentation
9
- seemed to be causing problems with the PHP CAS client
10
- * Misc minor bug fixes/cleanup
52
+ seemed to be causing problems with the PHP CAS client.
53
+ * Misc minor bug fixes/cleanup.
11
54
 
12
55
  === 0.1.0 :: 2007-03-01
13
56
 
data/Manifest.txt CHANGED
@@ -20,6 +20,7 @@ lib/casserver/utils.rb
20
20
  lib/casserver/version.rb
21
21
  lib/casserver/views.rb
22
22
  lib/themes/cas.css
23
+ lib/themes/notice.png
23
24
  lib/themes/ok.png
24
25
  lib/themes/simple/bg.png
25
26
  lib/themes/simple/login_box_bg.png
data/Rakefile CHANGED
@@ -20,8 +20,9 @@ HOMEPATH = "http://#{RUBYFORGE_PROJECT}.rubyforge.org"
20
20
 
21
21
  DEPS = [
22
22
  ['camping', '>= 1.5'],
23
- ['sqlite3-ruby', '>= 1.2.0'],
24
- ['activesupport', '>= 1.4.0']
23
+ # ['sqlite3-ruby', '>= 1.2.0'],
24
+ ['activesupport', '>= 1.4.0'],
25
+ ['activerecord', '>=1.15.3']
25
26
  ]
26
27
 
27
28
 
data/config.example.yml CHANGED
@@ -47,22 +47,28 @@ ssl_cert: /path/to/your/ssl.pem
47
47
 
48
48
  # Set up the database connection. Make sure that this database is secure!
49
49
  #
50
- # By default, we use sqlite3 since it works without any extra configuration.
51
- # You can also use MySQL, PostgreSQL, MSSQL, or anything else supported by ActiveRecord.
50
+ # By default, we use MySQL, since it is widely used and does not require any additional
51
+ # ruby libraries besides ActiveRecord.
52
+ #
53
+ # Instead of MySQL you can use SQLite3, PostgreSQL, MSSQL, or anything else supported
54
+ # by ActiveRecord.
52
55
  #
53
56
  # For example, with MySQL, your config wold be something like:
54
- #
55
- #database:
56
- # adapter: mysql
57
- # database: casserver
58
- # user: root
59
- # password:
60
- # server: localhost
61
- #
62
57
 
63
58
  database:
64
- adapter: sqlite3
65
- dbfile: /var/lib/casserver.db
59
+ adapter: mysql
60
+ database: casserver
61
+ username: root
62
+ password:
63
+ server: localhost
64
+
65
+ # If you prefer to use SQLite3 (which does not require a separate database server),
66
+ # your configuration would look something like the following (don't forget to install
67
+ # the sqlite3-ruby gem beforehand!):
68
+ #
69
+ #database:
70
+ # adapter: sqlite3
71
+ # dbfile: /var/lib/casserver.db
66
72
 
67
73
 
68
74
  ##### AUTHENTICATION #################################################################
@@ -163,7 +169,7 @@ database:
163
169
  #
164
170
  # Custom themes are not well supported yet, but will be in the near future. In the
165
171
  # meantime, if you want to create a custom theme, you can create a subdirectory
166
- # under the CASServer's themes dir (for example '/usr/lib/ruby/1.8/gems/casserver-xxx/lib/themes',
172
+ # under the CASServer's themes dir (for example, '/usr/lib/ruby/1.8/gems/casserver-xxx/lib/themes',
167
173
  # if you installed CASServer on Linux as a gem). A theme is basically just a theme.css
168
174
  # file that overrides the themes/cas.css styles along with a collection of image files
169
175
  # like logo.png and bg.png.
@@ -194,4 +200,28 @@ log:
194
200
  # Every SQL query will be logged here. This is useful for debugging database problems.
195
201
  #
196
202
  #db_log:
197
- # file: /var/log/casserver_db.log
203
+ # file: /var/log/casserver_db.log
204
+
205
+
206
+ ##### OTHER ###########################################################################
207
+
208
+ # You can set various ticket expiry times (specify the value in seconds).
209
+
210
+ # Expired login and service tickets are no longer usable this many seconds after they
211
+ # are created. (Defaults to 5 minutes)
212
+
213
+ #login_ticket_expiry: 300
214
+ #service_ticket_expiry: 300
215
+
216
+ # Proxy- and ticket-granting tickets do not expire -- normally they are made invalid only
217
+ # when the user logs out. But the server must periodically delete them to prevent buildup of
218
+ # stale data. PGTs and TGTs will be deleted during server startup if they are this many
219
+ # seconds old. (Defaults to 48 hours)
220
+
221
+ #proxy_granting_ticket_expiry: 172800
222
+ #ticket_granting_ticket_expiry: 172800
223
+
224
+ # If you would prefer that ticket-granting ticket expiry be enforced (in effect limiting
225
+ # the maximum length of a session), you can set expire_sessions to true.
226
+
227
+ # expire_sessions: false
@@ -19,4 +19,7 @@ module CASServer
19
19
  end
20
20
  end
21
21
  end
22
+
23
+ class AuthenticatorError < Exception
24
+ end
22
25
  end
@@ -12,16 +12,20 @@ class CASServer::Authenticators::LDAP < CASServer::Authenticators::Base
12
12
  def validate(credentials)
13
13
  read_standard_credentials(credentials)
14
14
 
15
- raise "Cannot validate credentials because the authenticator hasn't yet been configured" unless @options
16
- raise "Invalid authenticator configuration!" unless @options[:ldap]
17
- raise "You must specify an ldap server in the configuration!" unless @options[:ldap][:server]
15
+ return false if @password.blank?
16
+
17
+ raise CASServer::AuthenticatorError, "Cannot validate credentials because the authenticator hasn't yet been configured" unless @options
18
+ raise CASServer::AuthenticatorError, "Invalid authenticator configuration!" unless @options[:ldap]
19
+ raise CASServer::AuthenticatorError, "You must specify an ldap server in the configuration!" unless @options[:ldap][:server]
20
+
21
+ raise CASServer::AuthenticatorError, "The username '#{@username}' contains invalid characters." if (@username =~ /[*\(\)\\\0\/]/)
18
22
 
19
23
  ldap = Net::LDAP.new
20
24
  ldap.host = @options[:ldap][:server]
21
25
  ldap.port = @options[:ldap][:port] if @options[:ldap][:port]
22
26
 
23
27
  if @options[:ldap][:auth_user]
24
- raise "A password must be specified in the configuration for the authenticator user!" unless @options[:ldap][:auth_password]
28
+ raise CASServer::AuthenticatorError, "A password must be specified in the configuration for the authenticator user!" unless @options[:ldap][:auth_password]
25
29
  ldap.authenticate(@options[:ldap][:auth_user], @options[:ldap][:auth_password])
26
30
  end
27
31
 
@@ -12,8 +12,8 @@ class CASServer::Authenticators::SQL < CASServer::Authenticators::Base
12
12
  def validate(credentials)
13
13
  read_standard_credentials(credentials)
14
14
 
15
- raise "Cannot validate credentials because the authenticator hasn't yet been configured" unless @options
16
- raise "Invalid authenticator configuration!" unless @options[:database]
15
+ raise CASServer::AuthenticatorError, "Cannot validate credentials because the authenticator hasn't yet been configured" unless @options
16
+ raise CASServer::AuthenticatorError, "Invalid authenticator configuration!" unless @options[:database]
17
17
 
18
18
  CASUser.establish_connection @options[:database]
19
19
  CASUser.set_table_name @options[:user_table] || "users"
@@ -3,6 +3,9 @@ require 'casserver/authenticators/base'
3
3
  class CASServer::Authenticators::Test < CASServer::Authenticators::Base
4
4
  def validate(credentials)
5
5
  read_standard_credentials(credentials)
6
+
7
+ raise CASServer::AuthenticatorError, "Username is 'do_error'!" if @username == 'do_error'
8
+
6
9
  return @username == "testuser" && @password == "testpassword"
7
10
  end
8
11
  end
data/lib/casserver/cas.rb CHANGED
@@ -90,7 +90,7 @@ module CASServer::CAS
90
90
  if response.code.to_i == 200
91
91
  # 3.4 (proxy-granting ticket IOU)
92
92
  pgt.save!
93
- $LOG.debug "PGT generated for pgt_url '#{pgt_url}'. PGT is: '#{pgt.ticket}', PGT-IOU is: '#{pgt.iou}'"
93
+ $LOG.debug "PGT generated for pgt_url '#{pgt_url}': #{pgt.inspect}"
94
94
  pgt
95
95
  else
96
96
  $LOG.warn "PGT callback server responded with a bad result code '#{response.code}'. PGT will not be stored."
@@ -112,7 +112,7 @@ module CASServer::CAS
112
112
  elsif Time.now - lt.created_on < CASServer::Conf.login_ticket_expiry
113
113
  $LOG.info("Login ticket '#{ticket}' successfully validated")
114
114
  else
115
- error = "Your login ticket has expired."
115
+ error = "Your login ticket has expired."
116
116
  $LOG.warn("Expired login ticket '#{ticket}'")
117
117
  end
118
118
  else
@@ -132,7 +132,12 @@ module CASServer::CAS
132
132
  error = "No ticket granting ticket given."
133
133
  $LOG.debug(error)
134
134
  elsif tgt = TicketGrantingTicket.find_by_ticket(ticket)
135
- $LOG.info("Ticket granting ticket '#{ticket}' for user '#{tgt.username}' successfully validated.")
135
+ if CASServer::Conf.expire_sessions && Time.now - tgt.created_on > CASServer::Conf.ticket_granting_ticket_expiry
136
+ error = "Your session has expired. Please log in again."
137
+ $LOG.info("Ticket granting ticket '#{ticket}' for user '#{tgt.username}' expired.")
138
+ else
139
+ $LOG.info("Ticket granting ticket '#{ticket}' for user '#{tgt.username}' successfully validated.")
140
+ end
136
141
  else
137
142
  error = "Invalid ticket granting ticket '#{ticket}' (no matching ticket found in the database)."
138
143
  $LOG.warn(error)
@@ -157,7 +162,7 @@ module CASServer::CAS
157
162
  elsif Time.now - st.created_on > CASServer::Conf.service_ticket_expiry
158
163
  error = Error.new("INVALID_TICKET", "Ticket '#{ticket}' has expired.")
159
164
  $LOG.warn("Ticket '#{ticket}' has expired.")
160
- elsif st.service == service
165
+ elsif st.matches_service? service
161
166
  $LOG.info("Ticket '#{ticket}' for service '#{service}' for user '#{st.username}' successfully validated.")
162
167
  else
163
168
  error = Error.new("INVALID_SERVICE", "The ticket '#{ticket}' belonging to user '#{st.username}' is valid,"+
@@ -215,10 +220,19 @@ module CASServer::CAS
215
220
  raise ArgumentError, "Second argument must be a ServiceTicket!" unless st.kind_of? CASServer::Models::ServiceTicket
216
221
 
217
222
  service_uri = URI.parse(service)
218
- query_separator = service_uri.query ? "&" : "?"
223
+
224
+ if service.include? "?"
225
+ if service_uri.query.empty?
226
+ query_separator = ""
227
+ else
228
+ query_separator = "&"
229
+ end
230
+ else
231
+ query_separator = "?"
232
+ end
219
233
 
220
234
  service_with_ticket = service + query_separator + "ticket=" + st.ticket
221
235
  service_with_ticket
222
236
  end
223
237
 
224
- end
238
+ end
@@ -62,6 +62,7 @@ end
62
62
  module CASServer
63
63
  module Conf
64
64
  DEFAULTS = {
65
+ :expire_sessions => false,
65
66
  :login_ticket_expiry => 5.minutes,
66
67
  :service_ticket_expiry => 5.minutes, # CAS Protocol Spec, sec. 3.2.1 (recommended expiry time)
67
68
  :proxy_granting_ticket_expiry => 48.hours,
@@ -79,4 +80,4 @@ module CASServer
79
80
  self[method]
80
81
  end
81
82
  end
82
- end
83
+ end
@@ -19,14 +19,19 @@ module CASServer::Controllers
19
19
  @renew = @input['renew']
20
20
  @gateway = @input['gateway']
21
21
 
22
- if @service && !@renew && tgc = @cookies[:tgt]
23
- tgt, error = validate_ticket_granting_ticket(tgc)
24
- if tgt && !error
25
- st = generate_service_ticket(@service, tgt.username)
26
- service_with_ticket = service_uri_with_ticket(@service, st)
27
- $LOG.info("User '#{tgt.username}' authenticated based on ticket granting cookie. Redirecting to service '#{@service}'.")
28
- return redirect(service_with_ticket, :status => 303) # response code 303 means "See Other" (see Appendix B in CAS Protocol spec)
29
- end
22
+ if tgc = @cookies[:tgt]
23
+ tgt, tgt_error = validate_ticket_granting_ticket(tgc)
24
+ end
25
+
26
+ if tgt and !tgt_error
27
+ @message = {:type => 'notice', :message => %{You are currently logged in as "#{tgt.username}". If you are not you, please log in below.}}
28
+ end
29
+
30
+ if @service && !@renew && tgt && !tgt_error
31
+ st = generate_service_ticket(@service, tgt.username)
32
+ service_with_ticket = service_uri_with_ticket(@service, st)
33
+ $LOG.info("User '#{tgt.username}' authenticated based on ticket granting cookie. Redirecting to service '#{@service}'.")
34
+ return redirect(service_with_ticket, :status => 303) # response code 303 means "See Other" (see Appendix B in CAS Protocol spec)
30
35
  end
31
36
 
32
37
  lt = generate_login_ticket
@@ -51,6 +56,8 @@ module CASServer::Controllers
51
56
 
52
57
  if error = validate_login_ticket(@lt)
53
58
  @message = {:type => 'mistake', :message => error}
59
+ # generate another login ticket to allow for re-submitting the form
60
+ @lt = generate_login_ticket.ticket
54
61
  return render(:login)
55
62
  end
56
63
 
@@ -61,13 +68,32 @@ module CASServer::Controllers
61
68
 
62
69
  $LOG.debug("Logging in with username: #{@username}, lt: #{@lt}, service: #{@service}, auth: #{$AUTH}")
63
70
 
64
- if $AUTH.validate(:username => @username, :password => @password)
71
+ begin
72
+ credentials_are_valid = $AUTH.validate(:username => @username, :password => @password)
73
+ rescue AuthenticatorError => e
74
+ $LOG.error(e)
75
+ @message = {:type => 'mistake', :message => e.to_s}
76
+ render :login and return
77
+ end
78
+
79
+ if credentials_are_valid
65
80
  $LOG.info("Credentials for username '#{@username}' successfully validated")
66
81
 
67
82
  # 3.6 (ticket-granting cookie)
68
83
  tgt = generate_ticket_granting_ticket(@username)
84
+
85
+ if CASServer::Conf.expire_sessions
86
+ expires = CASServer::Conf.ticket_granting_ticket_expiry.to_i.from_now
87
+ expiry_info = " It will expire on #{expires}."
88
+ else
89
+ expiry_info = " It will not expire."
90
+ end
91
+
92
+ # TODO: Set expiry time for the cookie when expire_sessions is true. Unfortunately there doesn't
93
+ # seem to be an easy way to set cookie expire times in Camping :(
69
94
  @cookies[:tgt] = tgt.to_s
70
- $LOG.debug("Ticket granting cookie '#{@cookies[:tgt]}' granted to '#{@username}'")
95
+
96
+ $LOG.debug("Ticket granting cookie '#{@cookies[:tgt]}' granted to '#{@username}'. #{expiry_info}")
71
97
 
72
98
  if @service.blank?
73
99
  $LOG.info("Successfully authenticated user '#{@username}' at '#{tgt.client_hostname}'. No service param was given, so we will not redirect.")
@@ -106,13 +132,16 @@ module CASServer::Controllers
106
132
  @cookies.delete :tgt
107
133
 
108
134
  if tgt
109
- pgts = CASServer::Models::ProxyGrantingTicket.find(:all, ["username = ?", tgt.username])
135
+ pgts = CASServer::Models::ProxyGrantingTicket.find(:all,
136
+ :conditions => ["username = ?", tgt.username],
137
+ :include => :service_ticket)
110
138
  pgts.each do |pgt|
139
+ $LOG.debug("Deleting Proxy-Granting Ticket '#{pgt}' for user '#{pgt.service_ticket.username}'")
111
140
  pgt.destroy
112
- $LOG.debug("Deleting Proxy-Granting Ticket '#{pgt}' for user '#{tgt.username}'")
113
141
  end
114
142
 
115
143
  $LOG.debug("Deleting Ticket-Granting Ticket '#{tgt}' for user '#{tgt.username}'")
144
+ tgt.destroy
116
145
 
117
146
  $LOG.info("User '#{tgt.username}' logged out.")
118
147
  else
@@ -36,6 +36,13 @@ module CASServer::Models
36
36
 
37
37
  class ServiceTicket < Ticket
38
38
  include Consumable
39
+
40
+ def matches_service?(service)
41
+ # We ignore the trailing slash in URLs, since
42
+ # "http://www.google.com/" and "http://www.google.com" are almost
43
+ # certainly the same service.
44
+ self.service.gsub(/\/$/, '') == service.gsub(/\/$/, '')
45
+ end
39
46
  end
40
47
 
41
48
  class ProxyTicket < ServiceTicket
@@ -110,4 +110,4 @@ module CASServer
110
110
  end
111
111
 
112
112
  end
113
- end
113
+ end
@@ -1,7 +1,7 @@
1
1
  module CASServer
2
2
  module VERSION #:nodoc:
3
3
  MAJOR = 0
4
- MINOR = 2
4
+ MINOR = 3
5
5
  TINY = 0
6
6
 
7
7
  STRING = [MAJOR, MINOR, TINY].join('.')
@@ -1,14 +1,16 @@
1
1
  # The #.#.# comments (e.g. "2.1.3") refer to section numbers in the CAS protocol spec
2
2
  # under http://www.ja-sig.org/products/cas/overview/protocol/index.html
3
3
 
4
- module CASServer::Views
4
+ # need auto_validation off to render CAS responses and to use the autocomplete='off' property on password field
5
+ Markaby::Builder.set(:auto_validation, false)
6
+ Markaby::Builder.set(:indent, 2)
5
7
 
6
- # need to turn off autovalidation to render CAS xml responses
7
- #
8
+ module CASServer::Views
8
9
 
9
10
  def layout
11
+
10
12
  # wrap as XHTML only when auto_validation is on, otherwise pass right through
11
- if @auto_validation
13
+ if @use_layout
12
14
  xhtml_strict do
13
15
  head do
14
16
  title { "#{organization} Central Login" }
@@ -27,12 +29,14 @@ module CASServer::Views
27
29
 
28
30
  # 2.1.3
29
31
  def login
32
+ @use_layout = true
33
+
30
34
  table(:id => "login-box") do
31
35
  tr do
32
36
  td(:colspan => 2) do
33
37
  div(:id => "headline-container") do
34
38
  strong organization
35
- text "Central Login"
39
+ text " Central Login"
36
40
  end
37
41
  end
38
42
  end
@@ -56,7 +60,8 @@ module CASServer::Views
56
60
  label(:id => "username-label", :for => "username") { "Username" }
57
61
  end
58
62
  td(:id => "username-container") do
59
- input(:type => "text", :id => "username", :name => "username", :size => "32", :tabindex => "1", :accesskey => "n")
63
+ input(:type => "text", :id => "username", :name => "username",
64
+ :size => "32", :tabindex => "1", :accesskey => "u")
60
65
  end
61
66
  end
62
67
  tr do
@@ -64,7 +69,8 @@ module CASServer::Views
64
69
  label(:id => "password-label", :for => "password") { "Password" }
65
70
  end
66
71
  td(:id => "password-container") do
67
- input(:type => "password", :id => "password", :name => "password", :size => "32", :tabindex => "2", :accesskey => "p")
72
+ input(:type => "password", :id => "password", :name => "password",
73
+ :size => "32", :tabindex => "2", :accesskey => "p", :autocomplete => "off")
68
74
  end
69
75
  end
70
76
  tr do
@@ -88,7 +94,6 @@ module CASServer::Views
88
94
 
89
95
  # 2.4.2
90
96
  def validate
91
- @auto_validation = false
92
97
  if @success
93
98
  text "yes\n#{@username}\n"
94
99
  else
@@ -98,7 +103,6 @@ module CASServer::Views
98
103
 
99
104
  # 2.5.2
100
105
  def service_validate
101
- @auto_validation = false
102
106
  if @success
103
107
  tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
104
108
  tag!("cas:authenticationSuccess") do
@@ -117,7 +121,6 @@ module CASServer::Views
117
121
 
118
122
  # 2.6.2
119
123
  def proxy_validate
120
- @auto_validation = false
121
124
  if @success
122
125
  tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
123
126
  tag!("cas:authenticationSuccess") do
@@ -143,7 +146,6 @@ module CASServer::Views
143
146
 
144
147
  # 2.7.2
145
148
  def proxy
146
- @auto_validation = false
147
149
  if @success
148
150
  tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
149
151
  tag!("cas:proxySuccess") do
data/lib/themes/cas.css CHANGED
@@ -109,4 +109,12 @@ div.confirmation {
109
109
  background-repeat: no-repeat;
110
110
  background-position: 10px 5px;
111
111
  font-weight: bold;
112
+ }
113
+
114
+ div.notice {
115
+ color: #04c;
116
+ background-image: url(notice.png);
117
+ background-repeat: no-repeat;
118
+ background-position: 10px 5px;
119
+ font-weight: bold;
112
120
  }
Binary file
data/test/test_cas.rb ADDED
@@ -0,0 +1,33 @@
1
+ require 'rubygems'
2
+ require 'mosquito'
3
+
4
+ $CONF = {:authenticator => {:class => "CASServer::Authenticators::Test"},
5
+ :log => {:file => "/tmp/test.log", :level => "INFO"}}
6
+
7
+ require File.dirname(__FILE__) + "/../lib/casserver"
8
+
9
+ CASServer.create
10
+
11
+ class TestCASServer < Camping::UnitTest
12
+
13
+ include CASServer::CAS
14
+
15
+ def test_generate_proxy_granting_ticket
16
+ pgt_url = "https://portal.urbacon.net:6543/cas_proxy_callback/receive_pgt"
17
+ st = generate_service_ticket("http://test.foo", "tester")
18
+
19
+ pgt = nil
20
+
21
+ assert_difference(ProxyGrantingTicket, :count, 1) do
22
+ pgt = generate_proxy_granting_ticket(pgt_url, st)
23
+ end
24
+
25
+ puts pgt.inspect
26
+ end
27
+
28
+ protected
29
+ def env
30
+ return {'REMOTE_ADDR' => "TEST"}
31
+ end
32
+
33
+ end
@@ -123,28 +123,3 @@ class TestCASServer < Camping::FunctionalTest
123
123
  end
124
124
 
125
125
  end
126
-
127
- #class TestPost < Camping::UnitTest
128
- #
129
- # fixtures :blog_posts, :blog_users, :blog_comments
130
- #
131
- # def test_create
132
- # post = create
133
- # assert post.valid?
134
- # end
135
- #
136
- # def test_assoc
137
- # post = Post.find :first
138
- # assert_kind_of User, post.user
139
- # assert_equal 1, post.user.id
140
- # end
141
- #
142
- # private
143
- #
144
- # def create(options={})
145
- # Post.create({ :user_id => 1,
146
- # :title => "Title",
147
- # :body => "Body"}.merge(options))
148
- # end
149
- #
150
- #end
metadata CHANGED
@@ -3,8 +3,8 @@ rubygems_version: 0.9.0
3
3
  specification_version: 1
4
4
  name: rubycas-server
5
5
  version: !ruby/object:Gem::Version
6
- version: 0.2.0
7
- date: 2007-03-20 00:00:00 -04:00
6
+ version: 0.3.0
7
+ date: 2007-03-29 00:00:00 -04:00
8
8
  summary: Provides single sign on for web applications using the CAS protocol.
9
9
  require_paths:
10
10
  - lib
@@ -51,6 +51,7 @@ files:
51
51
  - lib/casserver/version.rb
52
52
  - lib/casserver/views.rb
53
53
  - lib/themes/cas.css
54
+ - lib/themes/notice.png
54
55
  - lib/themes/ok.png
55
56
  - lib/themes/simple/bg.png
56
57
  - lib/themes/simple/login_box_bg.png
@@ -64,6 +65,7 @@ files:
64
65
  - setup.rb
65
66
  - test/test_casserver.rb
66
67
  test_files:
68
+ - test/test_cas.rb
67
69
  - test/test_casserver.rb
68
70
  rdoc_options: []
69
71
 
@@ -86,20 +88,20 @@ dependencies:
86
88
  version: "1.5"
87
89
  version:
88
90
  - !ruby/object:Gem::Dependency
89
- name: sqlite3-ruby
91
+ name: activesupport
90
92
  version_requirement:
91
93
  version_requirements: !ruby/object:Gem::Version::Requirement
92
94
  requirements:
93
95
  - - ">="
94
96
  - !ruby/object:Gem::Version
95
- version: 1.2.0
97
+ version: 1.4.0
96
98
  version:
97
99
  - !ruby/object:Gem::Dependency
98
- name: activesupport
100
+ name: activerecord
99
101
  version_requirement:
100
102
  version_requirements: !ruby/object:Gem::Version::Requirement
101
103
  requirements:
102
104
  - - ">="
103
105
  - !ruby/object:Gem::Version
104
- version: 1.4.0
106
+ version: 1.15.3
105
107
  version: