Class: CASServer::Authenticators::SQLEncrypted
- Defined in:
- lib/casserver/authenticators/sql_encrypted.rb
Overview
This is a more secure version of the SQL authenticator. Passwords are encrypted rather than being stored in plain text.
Based on code contributed by Ben Mabey.
Using this authenticator requires some configuration on the client side. Please see code.google.com/p/rubycas-server/wiki/UsingTheSQLEncryptedAuthenticator
Defined Under Namespace
Modules: EncryptedPassword Classes: CASUser
Instance Attribute Summary
Attributes inherited from Base
Instance Method Summary collapse
Methods inherited from Base
Instance Method Details
#validate(credentials) ⇒ Object
25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
# File 'lib/casserver/authenticators/sql_encrypted.rb', line 25 def validate(credentials) read_standard_credentials(credentials) raise CASServer::AuthenticatorError, "Cannot validate credentials because the authenticator hasn't yet been configured" unless raise CASServer::AuthenticatorError, "Invalid authenticator configuration!" unless [:database] CASUser.establish_connection [:database] CASUser.set_table_name [:user_table] || "users" username_column = [:username_column] || "username" results = CASUser.find(:all, :conditions => ["#{username_column} = ?", @username]) if results.size > 0 $LOG.warn("Multiple matches found for user '#{@username}'") if results.size > 1 user = results.first return user.encrypted_password == user.encrypt(@password) else return false end end |