Please Note THIS MODULE CAN ONLY DO AUTHENTICATION AT THIS MOMENT.
Devise Crowd Authenticatable is a Crowd based authentication strategy for the Devise authentication framework.
If you are building applications for use within your organization which require authentication and you want to use Crowd, this plugin is for you.
Please Note
This Rails plug-in supports ONLY Rails 3.x.
- An Crowd server
- Rails 3.x
These gems are dependencies of the gem:
- Devise > 2.0
In the Gemfile for your application:
gem "devise", "~> 2.0"
gem "devise_crowd_authenticatable"
To get the latest version, pull directly from github instead of the gem:
gem "devise_crowd_authenticatable", :git => "git://github.com/parmarg/devise_crowd_authenticatable.git"
Run the rails generators for devise (please check the devise documents for further instructions)
rails generate devise:install
rails generate devise MODEL_NAME
Run the rails generator for devise_crowd_authenticatable
rails generate devise_crowd_authenticatable:install [options]
This will install the sample.yml, update the devise.rb initializer, and update your user model. There are some options you can pass to it:
Options:
[--user-model=USER_MODEL] # Model to update
# Default: user
[--update-model] # Update model to change from database_authenticatable to crowd_authenticatable
# Default: true
[--add-rescue] # Update Application Controller with resuce_from for DeviseLdapAuthenticatable::LdapException
# Default: true
[--advanced] # Add advanced config options to the devise initializer
Devise Crowd Authenticatable works in replacement of Database Authenticatable
Please Note
This devise plugin has not been tested with DatabaseAuthenticatable enabled at the same time. This is meant as a drop in replacement for DatabaseAuthenticatable allowing for a semi single sign on approach.
The field that is used for logins is the first key that's configured in the
config/devise.rb file under config.authentication_keys, which by default is
email.
In initializer config/initializers/devise.rb :
-
crowd_logger (default: true)
- If set to true, will log Crowd queries to the Rails logger.
-
crowd_create_user (default: false)
- If set to true, all valid Crowd users will be allowed to login and an appropriate user record will be created. If set to false, you will have to create the user record before they will be allowed to login.
-
crowd_config (default: #{Rails.root}/config/crowd.yml)
- Where to find the Crowd config file. Commented out to use the default, change if needed.
-
crowd_update_password (default: true)
- When doing password resets, if true will update the Crowd server. Requires admin password in the crowd.yml
-
crowd_check_group_membership (default: false)
- When set to true, the user trying to login will be checked to make sure they are in all of groups specified in the crowd.yml file.
-
crowd_check_attributes (default: false)
- When set to true, the user trying to login will be checked to make sure they have all of the attributes in the crowd.yml file.
-
crowd_use_admin_to_bind (default: false)
- When set to true, the admin user will be used to bind to the Crowd server during authentication.
These parameters will be added to config/initializers/devise.rb when you pass the --advanced switch to the generator:
- crowd_auth_username_builder (default:
Proc.new() {|attribute, login, crowd| "#{attribute}=#{login},#{crowd.base}" })- You can pass a proc to the username option to explicitly specify the format that you search for a users' DN on your Crowd server.
Released under the MIT license
Copyright (c) 2010 Curtis Schiewek, Daniel McNevin, John-Mason P. Shackelford
This is largely ripped-off of Curis Schiewek's Devise LDAP Authenticatable.