Class: CASServer::Authenticators::SQLEncrypted

Inherits:
Base
  • Object
show all
Defined in:
lib/casserver/authenticators/sql_encrypted.rb

Overview

This is a more secure version of the SQL authenticator. Passwords are encrypted rather than being stored in plain text.

Based on code contributed by Ben Mabey.

Using this authenticator requires some configuration on the client side. Please see code.google.com/p/rubycas-server/wiki/UsingTheSQLEncryptedAuthenticator

Defined Under Namespace

Modules: EncryptedPassword Classes: CASUser

Instance Attribute Summary

Attributes inherited from Base

#options, #username

Instance Method Summary collapse

Methods inherited from Base

#configure, #extra_attributes

Instance Method Details

#validate(credentials) ⇒ Object

Raises:



25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
# File 'lib/casserver/authenticators/sql_encrypted.rb', line 25

def validate(credentials)
  read_standard_credentials(credentials)
  
  raise CASServer::AuthenticatorError, "Cannot validate credentials because the authenticator hasn't yet been configured" unless @options
  raise CASServer::AuthenticatorError, "Invalid authenticator configuration!" unless @options[:database]
  
  CASUser.establish_connection @options[:database]
  CASUser.set_table_name @options[:user_table] || "users"
  
  username_column = @options[:username_column] || "username"
  
  results = CASUser.find(:all, :conditions => ["#{username_column} = ?", @username])
  
  if results.size > 0
    $LOG.warn("Multiple matches found for user '#{@username}'") if results.size > 1
    user = results.first
    return user.encrypted_password == user.encrypt(@password)
  else
    return false
  end
end