CAS还是OpenID

转自: http://chinaonrails.com/topic/view/1610.html

With RubyCAS and Ruby-OpenID you have two choices to enable authentication for your application.

Security (CAS and OpenID) with Ruby http://www.infoq.com/presentations/gehtland-security-and-identity




RubyCas Server

原文地址 ： http://blog.thinkrelevance.com/2008/6/1/small-things-loosely-joined-written-fast

引用

Small Things, Loosely Joined, Written Fast
Posted By jgehtland on June 01, 2008
Thanks to everyone who came out to my talk yesterday at RailsConf. That has to have been my favorite speaking engagement of the last year. Great crowd at a great show.
I got several requests for the slides and source code. The slides themselves are kind of useless; I don’t believe in writing slides that make people read. Slides are there for either entertainment or reminder purposes only. However, you can download them here if you might find them helpful.
On the other hand, source code is a much more useful take-away from a technical talk. You can download the code here. However, that source code is going to be useless without some background.
Things you will need to install
There are a variety of things you will need in order to get the sample to run. Most are gems, but one is a Java library. None of it is too hard.
RubyCas Server
First, head over to the QuickStart guide, which will walk you through downloading and installing the gem. In particular, go and look in the config file and modify it to match your specific configuration. For the purposes of my demo, I used the webrick server settings, and put it on port 80 with no SSL. However, if you want to test with SSL on, webrick is still the easiest solution since it supports SSL out of the box; if you go Mongrel, you’ll have to front it with Apache, and for local testing, that’s overkill.
You will then need to set up two databases; one for rubycas-server itself, and one for user accounts for the authenticator. Here’s what my settings look like:
database:
  adapter: mysql
  database: casserver
  username: root
  password:
  host: localhost

authenticator:
  class: CASServer::Authenticators::SQL
  database:
    adapter: mysql
    database: campus_users
    username: root
    password:
    server: localhost
  user_table: users
  username_column: username
  password_column: password
Don’t forget to actually create those databases. ;-)
The projects require rubycas-client, which you can install as a gem, but is embedded in the source code as a plugin.
UPDATE: Don’t forget to actually start rubycas-server.
> sudo rubycas-server
ActiveMQ
For the Rideshare part of the application, I used ActiveMQ as the back end messaging system. I used the 5.1.0 release for the demo; it runs on the JDK that is installed on the Mac without problem, no need to fiddle with your JDK install. Other platforms, just read the release notes and make sure you have the right bits.
ActiveMQ is configured to work on standard local ports out of the box, and the Stomp connector is enabled by default, so all you should have to do to get it up and running for the sample app is navigate to the root directory of the exploded tarball and execute:
> bin/activemq
That’s it. You will, however, have to install the Stomp gem for the sample to work.
> sudo gem install stomp --include-dependencies
To get it all running
Install RubyCas server and its databases. Populate the rubycas central user data with some accounts that have the same logins as the cas_user values in the fixtures from the application. For example, in the users.yml fixtures, there are records with cas_user=jgehtland. Make sure the RubyCas server authentication table has a user with login=jgehtland.
Install ActiveMQ and get it running.
Unzip the source code.
Create the databases for the two apps and load their fixtures into the development environment.
Run the Enrollr application on port 3000.
Run the DormPickR application on port 3001.
Point another browser window at localhost:3000/sender/send_ride_notice?city=Atlanta to pump messages into ActiveMQ. You can change the city and resend to create multiple pending messages.
That’s pretty much it. Drop a comment if that isn’t working for you (it is absolutely possible I forgot a required step or gem; if so, I’ll fix the instructions).
I’m also planning on writing up the talk as a series of posts starting later today that address each of the major areas in much more detail, so check back when you can.
Thanks again if you came to the talk!