Kerberos Authentication in Rails

前端 未结 2 1490
臣服心动
臣服心动 2021-02-09 08:15

Is it possible to use kerberos to authenticate a user under rails? Are there any existing plugins (preferably which extend authlogic\'s functionality) to do this?

相关标签:
2条回答
  • 2021-02-09 09:07

    If you wanto to switch from authlogic to Omniauth for your authentication there's a module for it:

    https://github.com/jgraichen/omniauth-kerberos

    0 讨论(0)
  • 2021-02-09 09:14

    I'm hoping someone else will come around and show us a pure Rails way of doing this. But until then, the easiest way to get things going is by letting your web server handle it.

    On that note, I'm going to assume Apache. If this is not the case, please tell us a bit more about your set-up.


    Proper Kerberos authentication in browsers is done in the HTTP protocol itself, much like Basic or Digest authentication. In Apache, this can be done with mod_kerb_auth.

    Then the next step is to find out how to retrieve the username. It depends a bit on the interface you're using between the web-server and your Rails app. This could be Passenger, FastCGI, mod_proxy, etc.

    Many will follow the original CGI standard to some degree, passing along a bunch of environment variables with the request. Try the following in your controller:

    username = request.env['REMOTE_USER']
    

    That's as far as I can take you. I've never used authlogic. Though, by the looks of it, it supports plugins. Perhaps you can create a new one that blindly trusts REMOTE_USER if it is set?

    0 讨论(0)
提交回复
热议问题