Module: Adauth
- Defined in:
- lib/adauth.rb,
lib/adauth/rails.rb,
lib/adauth/config.rb,
lib/adauth/version.rb,
lib/adauth/ad_object.rb,
lib/adauth/connection.rb,
lib/adauth/authenticate.rb,
lib/adauth/ad_objects/ou.rb,
lib/adauth/rails/helpers.rb,
lib/adauth/search_results.rb,
lib/adauth/ad_objects/user.rb,
lib/adauth/ad_objects/group.rb,
lib/adauth/ad_objects/folder.rb,
lib/adauth/rails/model_bridge.rb,
lib/adauth/ad_objects/computer.rb,
lib/generators/adauth/config/config_generator.rb,
lib/generators/adauth/sessions/sessions_generator.rb
Overview
Adauth Container Module
Defined Under Namespace
Modules: AdObjects, Generators, Rails Classes: AdObject, Config, Connection, SearchResults
Constant Summary collapse
- Version =
Adauths Version Number
'2.0.5'
Class Method Summary collapse
-
.add_field(object, adauth_method, ldap_method) ⇒ Object
Add a field to the specified model.
-
.allowed_to_login(user) ⇒ Object
Check if the user is allowed to login.
-
.authenticate(username, password) ⇒ Object
Authenticates the specifed user agains the domain.
-
.configure {|@config| ... } ⇒ Object
Yields a new config object and then sets it as the Adauth Config.
-
.connect ⇒ Object
Connects to ActiveDirectory using the query user details.
-
.connection ⇒ Object
Returns Adauths current connection to ActiveDirectory.
-
.connection_hash(user, password) ⇒ Object
Generates a hash for the connection class, takes a username and password.
-
.logger ⇒ Object
Returns the logger object.
-
.logger=(inputs) ⇒ Object
Lets you set a new logger.
Class Method Details
.add_field(object, adauth_method, ldap_method) ⇒ Object
Add a field to the specified model
7 8 9 10 |
# File 'lib/adauth/ad_object.rb', line 7 def self.add_field(object, adauth_method, ldap_method) Adauth.logger.info(object.inspect) { "Adding field \"#{ldap_method}\"" } object::Fields[adauth_method] = ldap_method end |
.allowed_to_login(user) ⇒ Object
Check if the user is allowed to login
25 26 27 28 29 30 31 |
# File 'lib/adauth/authenticate.rb', line 25 def self.allowed_to_login(user) if (@config.allowed_groups.empty? && @config.allowed_ous.empty?) && (@config.denied_groups.empty? && @config.denied_ous.empty?) return true else return (allowed_from_arrays(@config.allowed_groups, @config.denied_groups, user.cn_groups_nested) && allowed_from_arrays(@config.allowed_ous, @config.denied_ous, user.dn_ous)) end end |
.authenticate(username, password) ⇒ Object
Authenticates the specifed user agains the domain
Checks the groups & ous are in the allow/deny lists
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
# File 'lib/adauth/authenticate.rb', line 5 def self.authenticate(username, password) begin Adauth.logger.info("authentication") { "Attempting to authenticate as #{username}" } if Adauth::AdObjects::User.authenticate(username, password) user = Adauth::AdObjects::User.where('sAMAccountName', username).first if allowed_to_login(user) Adauth.logger.info("authentication") { "Authentication succesful" } return user else Adauth.logger.info("authentication") { "Authentication failed (not in allowed group or ou)" } return false end end rescue RuntimeError Adauth.logger.info("authentication") { "Authentication failed (RuntimeError)" } return false end end |
.configure {|@config| ... } ⇒ Object
Yields a new config object and then sets it as the Adauth Config
30 31 32 33 34 35 36 |
# File 'lib/adauth.rb', line 30 def self.configure @logger ||= Logger.new('log/adauth.log', 'weekly') @logger.info('load') { "Loading new config" } @connection = nil @config = Config.new yield(@config) end |
.connect ⇒ Object
Connects to ActiveDirectory using the query user details
47 48 49 50 |
# File 'lib/adauth.rb', line 47 def self.connect @logger.info('connection') { "Connecting to AD as \"#{@config.query_user}\"" } @connection = Adauth::Connection.new(connection_hash(@config.query_user, @config.query_password)).bind end |
.connection ⇒ Object
Returns Adauths current connection to ActiveDirectory
39 40 41 42 43 44 |
# File 'lib/adauth.rb', line 39 def self.connection @logger.fatal('connection') { "Attempted to create connection without configuring" } if @config == nil raise 'Adauth needs configuring before use' if @config == nil # Still raise an error here even after logging it so that adauth stops dead and doesn't error on the next line connect unless @connection @connection end |
.connection_hash(user, password) ⇒ Object
Generates a hash for the connection class, takes a username and password
53 54 55 56 57 58 59 60 61 62 63 64 65 |
# File 'lib/adauth.rb', line 53 def self.connection_hash(user, password) { :domain => @config.domain, :server => @config.server, :port => @config.port, :base => @config.base, :encryption => @config.encryption, :allow_fallback => @config.allow_fallback, :username => user, :password => password, :anonymous_bind => @config.anonymous_bind } end |
.logger ⇒ Object
Returns the logger object
68 69 70 |
# File 'lib/adauth.rb', line 68 def self.logger @logger end |
.logger=(inputs) ⇒ Object
Lets you set a new logger
73 74 75 |
# File 'lib/adauth.rb', line 73 def self.logger=(inputs) @logger = inputs end |