Class: CASServer::Authenticators::SQLAuthlogic
- Defined in:
- lib/casserver/authenticators/sql_authlogic.rb
Overview
authenticator:
class: CASServer::Authenticators::SQLAuthlogic
database:
adapter: mysql
database: some_database_with_users_table
user: root
password:
server: localhost
user_table: user
username_column: login
password_column: crypted_password
salt_column: password_salt
encryptor: Sha1
encryptor_options:
digest_format: --SALT--PASSWORD--
stretches: 1
Instance Attribute Summary
Attributes inherited from Base
Instance Method Summary collapse
Methods inherited from SQL
Methods inherited from Base
#configure, #extra_attributes, setup
Instance Method Details
#validate(credentials) ⇒ Object
48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 |
# File 'lib/casserver/authenticators/sql_authlogic.rb', line 48 def validate(credentials) read_standard_credentials(credentials) raise_if_not_configured user_model = self.class.user_model username_column = @options[:username_column] || "login" password_column = @options[:password_column] || "crypted_password" salt_column = @options[:salt_column] $LOG.debug "#{self.class}: [#{user_model}] " + "Connection pool size: #{user_model.connection_pool.instance_variable_get(:@checked_out).length}/#{user_model.connection_pool.instance_variable_get(:@connections).length}" results = user_model.find(:all, :conditions => ["#{username_column} = ?", @username]) user_model.connection_pool.checkin(user_model.connection) begin encryptor = eval("Authlogic::CryptoProviders::" + @options[:encryptor] || "Sha512") rescue $LOG.warn("Could not initialize Authlogic crypto class for '#{@options[:encryptor]}'") encryptor = Authlogic::CryptoProviders::Sha512 end @options[:encryptor_options].each do |name, value| encryptor.send("#{name}=", value) if encryptor.respond_to?("#{name}=") end if results.size > 0 $LOG.warn("Multiple matches found for user '#{@username}'") if results.size > 1 user = results.first tokens = [@password, (not salt_column.nil?) && user.send(salt_column) || nil].compact crypted = user.send(password_column) unless @options[:extra_attributes].blank? if results.size > 1 $LOG.warn("#{self.class}: Unable to extract extra_attributes because multiple matches were found for #{@username.inspect}") else extract_extra(user) log_extra end end return encryptor.matches?(crypted, tokens) else return false end end |