Class: CASServer::Authenticators::SQL
- Defined in:
- lib/casserver/authenticators/sql.rb
Overview
Authenticates against a plain SQL table.
This assumes that all of your users are stored in a table that has a ‘username’ column and a ‘password’ column. When the user logs in, CAS conects to the database and looks for a matching username/password in the users table. If a matching username and password is found, authentication is successful.
Any database backend supported by ActiveRecord can be used.
Config example:
authenticator:
class: CASServer::Authenticators::SQL
database:
adapter: mysql
database: some_database_with_users_table
username: root
password:
server: localhost
user_table: users
username_column: username
password_column: password
When replying to a CAS client’s validation request, the server will normally provide the client with the authenticated user’s username. However it is now possible for the server to provide the client with additional attributes. You can configure the SQL authenticator to provide data from additional columns in the users table by listing the names of the columns under the ‘extra_attributes’ option. Note though that this functionality is experimental. It should work with RubyCAS-Client, but may or may not work with other CAS clients.
For example, with this configuration, the ‘full_name’ and ‘access_level’ columns will be provided to your CAS clients along with the username:
authenticator:
class: CASServer::Authenticators::SQL
database:
adapter: mysql
database: some_database_with_users_table
user_table: users
username_column: username
password_column: password
ignore_type_column: true # indicates if you want to ignore Single Table Inheritance 'type' field
extra_attributes: full_name, access_level
Direct Known Subclasses
Instance Attribute Summary
Attributes inherited from Base
Class Method Summary collapse
Instance Method Summary collapse
Methods inherited from Base
Class Method Details
.setup(options) ⇒ Object
55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 |
# File 'lib/casserver/authenticators/sql.rb', line 55 def self.setup() raise CASServer::AuthenticatorError, "Invalid authenticator configuration!" unless [:database] user_model_name = "CASUser_#{[:auth_index]}" $LOG.debug "CREATING USER MODEL #{user_model_name}" class_eval %{ class #{user_model_name} < ActiveRecord::Base end } @user_model = const_get(user_model_name) @user_model.establish_connection([:database]) if ActiveRecord::VERSION::STRING >= '3.2' @user_model.table_name = ([:user_table] || 'users') else @user_model.set_table_name([:user_table] || 'users') end @user_model.inheritance_column = 'no_inheritance_column' if [:ignore_type_column] begin @user_model.connection rescue => e $LOG.debug e raise "SQL Authenticator can not connect to database" end end |
.user_model ⇒ Object
82 83 84 |
# File 'lib/casserver/authenticators/sql.rb', line 82 def self.user_model @user_model end |
Instance Method Details
#validate(credentials) ⇒ Object
86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 |
# File 'lib/casserver/authenticators/sql.rb', line 86 def validate(credentials) read_standard_credentials(credentials) raise_if_not_configured log_connection_pool_size user_model.connection_pool.checkin(user_model.connection) if matching_users.size > 0 $LOG.warn("#{self.class}: Multiple matches found for user #{@username.inspect}") if matching_users.size > 1 unless @options[:extra_attributes].blank? if matching_users.size > 1 $LOG.warn("#{self.class}: Unable to extract extra_attributes because multiple matches were found for #{@username.inspect}") else user = matching_users.first extract_extra(user) log_extra end end return true else return false end end |