Class: CAS::GatewayFilter
Overview
The GatewayFilter is identical to the normal Filter, but has the gateway option set to true by default. This makes it easier to use in cases where authentication is optional.
For example, say your ‘index’ view is accessible by authenticated and unauthenticated users, but you want some additional content shown for authenticated users. You can use the GatewayFilter to check if the user is already authenticated with CAS and provide them with a service ticket for the new service. If they are not already authenticated, then they will be allowed to see the ‘index’ view without being asked for a login.
To achieve this in a Rails controller, you should set up your filters as follows:
before_filter CAS::Filter, :except => [:index]
before_filter CAS::GatewayFilter, :only => [:index]
Note that you cannot use the ‘renew’ option with the GatewayFilter since the ‘gateway’ and ‘renew’ options have roughly opposite meanings – ‘renew’ forces re-authentication, while ‘gateway’ makes authentication optional.
Instance Method Summary collapse
Methods inherited from Filter
cas_base_url=, create_logout_url, fake, fake=, filter_f, filter_r, logger, logger=, logout_url, logout_url=, request_proxy_ticket
Instance Method Details
#logout_url ⇒ Object
535 536 537 538 539 540 541 542 |
# File 'lib/cas_auth.rb', line 535 def logout_url uri = URI.parse(super) if uri.query? uri.to_s + "&gateway=true" else uri.to_s + "?gateway=true" end end |