Module: KerberosAuthenticator
- Defined in:
- lib/kerberos_authenticator.rb,
lib/kerberos_authenticator/krb5.rb,
lib/kerberos_authenticator/error.rb,
lib/kerberos_authenticator/version.rb,
lib/kerberos_authenticator/krb5/data.rb,
lib/kerberos_authenticator/krb5/creds.rb,
lib/kerberos_authenticator/krb5/error.rb,
lib/kerberos_authenticator/krb5/keytab.rb,
lib/kerberos_authenticator/krb5/context.rb,
lib/kerberos_authenticator/krb5/principal.rb,
lib/kerberos_authenticator/krb5/attach_function.rb
Overview
Authenticates a Kerberos user using their password.
Defined Under Namespace
Modules: Krb5 Classes: Error, StandardError
Constant Summary collapse
- VERSION =
'0.0.7'.freeze
Class Attribute Summary collapse
-
.keytab_base64 ⇒ String
The keytab to use when verifying the identity of the KDC represented as a Base64 encoded string (overrides KerberosAuthenticator.keytab_path).
-
.keytab_path ⇒ String
The path to the keytab to use when verifying the identity of the KDC.
-
.server ⇒ String
The server principal name to use when verifying the identity of the KDC.
-
.service ⇒ String
The service principal name to request a ticket for when obtaining a user’s credentials.
Class Method Summary collapse
-
.authenticate!(username, password) ⇒ TrueClass
Authenticates a user using their password.
-
.change_password!(username, old_password, new_password) ⇒ TrueClass
Change a user’s password by authenticating with their current one.
-
.krb5 ⇒ Krb5
A convenience method to access the Krb5 module when using the KerberosAuthenticator.setup method.
-
.setup {|_self| ... } ⇒ Object
Supports setting KerberosAuthenticator up using a block.
Class Attribute Details
.keytab_base64 ⇒ String
Returns the keytab to use when verifying the identity of the KDC represented as a Base64 encoded string (overrides keytab_path).
|
# File 'lib/kerberos_authenticator.rb', line 48
|
.keytab_path ⇒ String
Returns the path to the keytab to use when verifying the identity of the KDC.
|
# File 'lib/kerberos_authenticator.rb', line 52
|
.server ⇒ String
Returns the server principal name to use when verifying the identity of the KDC.
|
# File 'lib/kerberos_authenticator.rb', line 56
|
.service ⇒ String
Returns the service principal name to request a ticket for when obtaining a user’s credentials.
|
# File 'lib/kerberos_authenticator.rb', line 60
|
Class Method Details
.authenticate!(username, password) ⇒ TrueClass
Authenticates a user using their password.
29 30 31 32 33 34 35 36 37 38 |
# File 'lib/kerberos_authenticator.rb', line 29 def self.authenticate!(username, password) user = Krb5::Principal.new_with_name(username) creds = user.initial_creds_with_password(password, service) with_keytab do |kt| creds.verify!(server_princ, kt) end true end |
.change_password!(username, old_password, new_password) ⇒ TrueClass
Change a user’s password by authenticating with their current one.
43 44 45 46 |
# File 'lib/kerberos_authenticator.rb', line 43 def self.change_password!(username, old_password, new_password) user = Krb5::Principal.new_with_name(username) user.change_password(old_password, new_password) end |
.krb5 ⇒ Krb5
A convenience method to access the Krb5 module when using the setup method.
12 13 14 |
# File 'lib/kerberos_authenticator.rb', line 12 def self.krb5 Krb5 end |
.setup {|_self| ... } ⇒ Object
Supports setting KerberosAuthenticator up using a block.
17 18 19 |
# File 'lib/kerberos_authenticator.rb', line 17 def self.setup yield self end |