Class: CASServer::Authenticators::SQLAuthlogic

Inherits:
SQL
  • Object
Defined in:
lib/casserver/authenticators/sql_authlogic.rb

Overview

# Example values only. For a real deployment, give the CAS server a dedicated
# database account with read access to the users table and a non-empty
# password, rather than root with a blank password as shown here.
authenticator:

class: CASServer::Authenticators::SQLAuthlogic
database:
  adapter: mysql
  database: some_database_with_users_table
  user: root
  password:
  server: localhost
user_table: user
username_column: login
password_column: crypted_password
salt_column: password_salt
# Salted SHA-1 with a single stretch is cheap to brute-force offline if the
# users table leaks. Presumably these settings have to mirror how the existing
# Authlogic hashes were generated -- confirm before changing them.
encryptor: Sha1
encryptor_options:
  digest_format: --SALT--PASSWORD--
  stretches: 1

Instance Attribute Summary

Attributes inherited from Base

#options, #username

Instance Method Summary collapse

Methods inherited from SQL

setup, user_model

Methods inherited from Base

#configure, #extra_attributes, setup

Instance Method Details

#validate(credentials) ⇒ Object



# File 'lib/casserver/authenticators/sql_authlogic.rb', line 48

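# Checks a username/password pair against the configured users table using an
# Authlogic crypto provider.
#
# @param credentials [Hash] handed to read_standard_credentials, which is
#   expected to populate @username and @password (defined outside this method)
# @return [Boolean] false when no row matches the username; otherwise whatever
#   encryptor.matches? reports for the first matching row
def validate(credentials)
  read_standard_credentials(credentials)
  raise_if_not_configured

  user_model = self.class.user_model

  # Column names are taken from the authenticator options and interpolated into
  # the SQL fragment below; only the username value is bound as a parameter, so
  # these options must come from trusted configuration, never from a request.
  username_column = @options[:username_column] || "login"
  password_column = @options[:password_column] || "crypted_password"
  salt_column     = @options[:salt_column]

  pool = user_model.connection_pool
  # Debug-only peek at the pool's internal instance variables.
  $LOG.debug "#{self.class}: [#{user_model}] " + "Connection pool size: #{pool.instance_variable_get(:@checked_out).length}/#{pool.instance_variable_get(:@connections).length}"
  results = user_model.find(:all, :conditions => ["#{username_column} = ?", @username])
  pool.checkin(user_model.connection)

  # Resolve the provider by constant lookup inside Authlogic::CryptoProviders
  # only (inherit = false) instead of eval'ing a string built from configuration.
  # The previous `"..." + @options[:encryptor] || "Sha512"` never reached its
  # default: `+` binds tighter than `||`, so a missing option raised TypeError.
  encryptor_name = (@options[:encryptor] || "Sha512").to_s
  begin
    encryptor = Authlogic::CryptoProviders.const_get(encryptor_name, false)
  rescue StandardError
    $LOG.warn("Could not initialize Authlogic crypto class for '#{@options[:encryptor]}'")
    encryptor = Authlogic::CryptoProviders::Sha512
  end

  # encryptor_options is optional; apply only the settings the provider accepts.
  (@options[:encryptor_options] || {}).each do |name, value|
    setter = "#{name}="
    encryptor.send(setter, value) if encryptor.respond_to?(setter)
  end

  return false if results.empty?

  # The username is attacker-controlled; inspect-quote it so embedded newlines
  # or control characters cannot forge additional log lines.
  # NOTE(review): with several rows for one username the first row is still
  # used for authentication -- consider enforcing uniqueness on the column.
  $LOG.warn("Multiple matches found for user #{@username.inspect}") if results.size > 1
  user = results.first
  salt = salt_column ? user.send(salt_column) : nil
  tokens = [@password, salt || nil].compact
  crypted = user.send(password_column)

  unless @options[:extra_attributes].blank?
    if results.size > 1
      $LOG.warn("#{self.class}: Unable to extract extra_attributes because multiple matches were found for #{@username.inspect}")
    else
      extract_extra(user)
      log_extra
    end
  end

  encryptor.matches?(crypted, tokens)
end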