crowd_rails

Single sign on (SSO) with Atlassian Crowd 2.0 for Ruby on Rails.

INSTALL:

sudo gem install crowd_rails

REQUIREMENTS:

  • gem crowd-stefanwille

  • soap4r v1.5.8

  • Atlassian Crowd v2.0

  • Ruby v1.8.6 (or later)

  • Rails 2.3.8 (or later)

USE:

Add a file config/initializers/crowd_setup.rb and configure:

require 'crowd'

Crowd.crowd_url = 'http://127.0.0.1:8095/crowd/services/SecurityServer'
Crowd.crowd_app_name = 'soaptest'
Crowd.crowd_app_pword = 'soaptest'
Crowd.crowd_validation_factors_need_user_agent = false  # false for Crowd 2.0.5, true for Crowd 2.0.2
Crowd.crowd_session_validationinterval = 0  # Set > 0 for authentication caching.

Then add this to your ApplicationController class:

class ApplicationController < ActionController::Base
  include Crowd::SingleSignOn

  ...
  before_filter :authenticate 

  private
    def authenticate      
      return if RAILS_ENV == "test"

      return if crowd_authenticated?

      authenticate_or_request_with_http_basic('My Application') do |user_name, password| 
        crowd_authenticate(user_name, password)
      end
    end
end

This will give you the usual gray password box (aka ‘basic auth’). Replace Rails’ the call to authenticate_or_request_with_http_basic() that asks the user for username and password if you want some fancier.

There is an example Rails app at github.com/stefanwille/crowd_rails_test that implements this approach.

Assumptions (used above):

  • Crowd Server is on localhost, port 8095

  • There is an application configured in Crowd with name and password ‘soaptest’

  • Application ‘soaptest’ directory set to ‘True’

FEATURES:

  • Interoperable single sign on with Atlassian Crowd 2.0.2 and 2.0.5.

  • Can be configured for authentication caching.

Available methods in module Crowd::SingleSignOn:

  • crowd_authenticated? - Returns whether the user is already authenticated.

  • crowd_authenticate(user_name, password) - Authenticates the user with the given user name and password and marks the user as authenticated on success.

  • crowd_authenticate!(user_name, password) - Same as #crowd_authenticate, but raises an AuthenticationException on failure.

  • crowd_current_user_display_name - Returns the current users display name.

  • crowd_current_user - Returns the current user, as seen by crowd.

  • crowd_token - Returns the crowd token or nil.

  • crowd_log_out - Logs the user out

Note on Patches/Pull Requests

  • Fork the project.

  • Make your feature addition or bug fix.

  • Add tests for it. This is important so I don’t break it in a future version unintentionally.

  • Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)

  • Send me a pull request. Bonus points for topic branches.

Copyright © 2010 Stefan Wille. See LICENSE for details.