Giter VIP home page Giter VIP logo

devise_cas_authenticatable's Introduction

devise_cas_authenticatable Build Status

Written by Nat Budin
Taking a lot of inspiration from devise_ldap_authenticatable

devise_cas_authenticatable is CAS single sign-on support for Devise applications. It acts as a replacement for database_authenticatable. It builds on rubycas-client and should support just about any conformant CAS server (although I have personally tested it using rubycas-server).

Requirements

  • Rails 3.0 or greater (works with 4.x versions as well)
  • Devise 1.2 or greater
  • rubycas-client

Installation

Add to your Gemfile:

gem 'devise'
gem 'devise_cas_authenticatable'

Setup

Once devise_cas_authenticatable is installed, add the following to your user model:

devise :cas_authenticatable

You can also add other modules such as token_authenticatable, trackable, etc. Please do not add database_authenticatable as this module is intended to replace it.

You'll also need to set up the database schema for this:

create_table :users do |t|
  t.string :username, :null => false
end

We also recommend putting a unique index on the username column:

add_index :users, :username, :unique => true

(Note: previously, devise_cas_authenticatable recommended using a t.cas_authenticatable method call to update the schema. Devise 2.0 has deprecated this type of schema building method, so we now recommend just adding the username string column as above. As of this writing, t.cas_authenticatable still works, but throws a deprecation warning in Devise 2.0.)

Finally, you'll need to add some configuration to your config/initializers/devise.rb in order to tell your app how to talk to your CAS server:

Devise.setup do |config|
  ...
  config.cas_base_url = "https://cas.myorganization.com"

  # you can override these if you need to, but cas_base_url is usually enough
  # config.cas_login_url = "https://cas.myorganization.com/login"
  # config.cas_logout_url = "https://cas.myorganization.com/logout"
  # config.cas_validate_url = "https://cas.myorganization.com/serviceValidate"

  # The CAS specification allows for the passing of a follow URL to be displayed when
  # a user logs out on the CAS server. RubyCAS-Server also supports redirecting to a
  # URL via the destination param. Set either of these urls and specify either nil,
  # 'destination' or 'follow' as the logout_url_param. If the urls are blank but
  # logout_url_param is set, a default will be detected for the service.
  # config.cas_destination_url = 'https://cas.myorganization.com'
  # config.cas_follow_url = 'https://cas.myorganization.com'
  # config.cas_logout_url_param = nil

  # You can specify the name of the destination argument with the following option.
  # e.g. the following option will change it from 'destination' to 'url'
  # config.cas_destination_logout_param_name = 'url'
  
  # By default, devise_cas_authenticatable will create users.  If you would rather
  # require user records to already exist locally before they can authenticate via
  # CAS, uncomment the following line.
  # config.cas_create_user = false

  # You can enable Single Sign Out, which by default is disabled.
  # config.cas_enable_single_sign_out = true
  
  # If you don't want to use the username returned from your CAS server as the unique
  # identifier, but some other field passed in cas_extra_attributes, you can specify
  # the field name here.
  # config.cas_user_identifier = nil

  # If you want to use the Devise Timeoutable module with single sign out,
  # uncommenting this will redirect timeouts to the logout url, so that the CAS can
  # take care of signing out the other serviced applocations. Note that each
  # application manages timeouts independently, so one application timing out will
  # kill the session on all applications serviced by the CAS.
  # config.warden do |manager|
  #   manager.failure_app = DeviseCasAuthenticatable::SingleSignOut::WardenFailureApp
  # end

  # If you need to specify some extra configs for rubycas-client, you can do this via:
  # config.cas_client_config_options = {
  #     logger: Rails.logger
  # }
end

Extra attributes

If your CAS server passes along extra attributes you'd like to save in your user records, using the CAS extra_attributes parameter, you can define a method in your user model called cas_extra_attributes= to accept these. For example:

class User < ActiveRecord::Base
  devise :cas_authenticatable

  def cas_extra_attributes=(extra_attributes)
    extra_attributes.each do |name, value|
      case name.to_sym
      when :fullname
        self.fullname = value
      when :email
        self.email = value
      end
    end
  end
end

See also

TODO

  • Test on non-ActiveRecord ORMs

License

devise_cas_authenticatable is released under the terms and conditions of the MIT license. See the LICENSE file for more information.

devise_cas_authenticatable's People

Contributors

nbudin avatar jeremyhaile avatar gmoore avatar nicolai86 avatar endel avatar j1n6 avatar kylejginavan avatar joraff avatar fernandomantoan avatar eturino avatar neb2000 avatar liudangyi avatar geoffroh avatar bonyiii avatar tsechingho avatar tod-uma avatar fuzziness avatar joe81 avatar jeremysmithco avatar korun avatar ganders avatar dwaynemac avatar brunograsselli avatar joel1di1 avatar antillas21 avatar hashnuke avatar tenderlove avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.