`
wutao8818
  • 浏览: 616184 次
  • 性别: Icon_minigender_1
  • 来自: 杭州
社区版块
存档分类
最新评论

CAS还是OpenID

阅读更多
转自: http://chinaonrails.com/topic/view/1610.html

With RubyCAS and Ruby-OpenID you have two choices to enable authentication for your application.

Security (CAS and OpenID) with Ruby http://www.infoq.com/presentations/gehtland-security-and-identity




RubyCas Server

原文地址 : http://blog.thinkrelevance.com/2008/6/1/small-things-loosely-joined-written-fast


引用

Small Things, Loosely Joined, Written Fast
Posted By jgehtland on June 01, 2008
Thanks to everyone who came out to my talk yesterday at RailsConf. That has to have been my favorite speaking engagement of the last year. Great crowd at a great show.
I got several requests for the slides and source code. The slides themselves are kind of useless; I don’t believe in writing slides that make people read. Slides are there for either entertainment or reminder purposes only. However, you can download them here if you might find them helpful.
On the other hand, source code is a much more useful take-away from a technical talk. You can download the code here. However, that source code is going to be useless without some background.
Things you will need to install
There are a variety of things you will need in order to get the sample to run. Most are gems, but one is a Java library. None of it is too hard.
RubyCas Server
First, head over to the QuickStart guide, which will walk you through downloading and installing the gem. In particular, go and look in the config file and modify it to match your specific configuration. For the purposes of my demo, I used the webrick server settings, and put it on port 80 with no SSL. However, if you want to test with SSL on, webrick is still the easiest solution since it supports SSL out of the box; if you go Mongrel, you’ll have to front it with Apache, and for local testing, that’s overkill.
You will then need to set up two databases; one for rubycas-server itself, and one for user accounts for the authenticator. Here’s what my settings look like:
database:
  adapter: mysql
  database: casserver
  username: root
  password:
  host: localhost

authenticator:
  class: CASServer::Authenticators::SQL
  database:
    adapter: mysql
    database: campus_users
    username: root
    password:
    server: localhost
  user_table: users
  username_column: username
  password_column: password
Don’t forget to actually create those databases. ;-)
The projects require rubycas-client, which you can install as a gem, but is embedded in the source code as a plugin.
UPDATE: Don’t forget to actually start rubycas-server.
> sudo rubycas-server
ActiveMQ
For the Rideshare part of the application, I used ActiveMQ as the back end messaging system. I used the 5.1.0 release for the demo; it runs on the JDK that is installed on the Mac without problem, no need to fiddle with your JDK install. Other platforms, just read the release notes and make sure you have the right bits.
ActiveMQ is configured to work on standard local ports out of the box, and the Stomp connector is enabled by default, so all you should have to do to get it up and running for the sample app is navigate to the root directory of the exploded tarball and execute:
> bin/activemq
That’s it. You will, however, have to install the Stomp gem for the sample to work.
> sudo gem install stomp --include-dependencies
To get it all running
Install RubyCas server and its databases. Populate the rubycas central user data with some accounts that have the same logins as the cas_user values in the fixtures from the application. For example, in the users.yml fixtures, there are records with cas_user=jgehtland. Make sure the RubyCas server authentication table has a user with login=jgehtland.
Install ActiveMQ and get it running.
Unzip the source code.
Create the databases for the two apps and load their fixtures into the development environment.
Run the Enrollr application on port 3000.
Run the DormPickR application on port 3001.
Point another browser window at localhost:3000/sender/send_ride_notice?city=Atlanta to pump messages into ActiveMQ. You can change the city and resend to create multiple pending messages.
That’s pretty much it. Drop a comment if that isn’t working for you (it is absolutely possible I forgot a required step or gem; if so, I’ll fix the instructions).
I’m also planning on writing up the talk as a series of posts starting later today that address each of the major areas in much more detail, so check back when you can.
Thanks again if you came to the talk!
分享到:
评论

相关推荐

    cas4.2.7 实现其他系统和cas互相认证互信

    1. **配置CAS Server**:在CAS服务器端,需要配置支持的认证协议,如SAML、OAuth或OpenID Connect等,这些协议允许外部系统与CAS进行安全的身份验证通信。 2. **创建服务定义**:在CAS中为每个要信任的外部系统创建...

    cas-server-3.5.2

    9. **cas-server-support-openid**:这部分代码支持OpenID协议,允许CAS作为OpenID提供者,让用户可以用他们的CAS账号登录支持OpenID的其他网站。 10. **cas-server-support-oauth**:CAS对OAuth的支持使得它能与...

    cas4.0.7+casClient示例(原生)

    此版本支持多种协议,如CAS 2.0/3.0、SAML 1.1和OpenID。CAS服务器可以通过服务注册中心管理各个应用的接入,允许用户在一个地方登录后,无须再次输入凭证即可访问多个相互信任的应用。 **2. CAS客户端集成** CAS...

    cas-4.1.7最新

    3. 新增功能:可能包含新的认证协议支持,如OAuth、OpenID Connect等。 4. API改进:对API进行调整,以便更好地支持开发者集成和扩展。 5. 问题修复:解决了之前版本中报告的一些问题,提高系统的稳定性和可靠性。 ...

    Cas5.2.6(cas-overlay-template-5.2.6)服务端

    例如,支持更多的身份验证协议如OAuth、OpenID Connect、SAML2等。 3. **性能优化**:此版本可能对系统性能进行了优化,以提高处理大量并发请求的能力。 4. **模块化设计**:CAS 5.2.x系列强调模块化,使得定制和...

    cas-3.4.1_单点登录_CAS_

    2. **协议支持**:CAS支持多种协议,如CAS原生协议、SAML 1.1和2.0、OAuth 2.0、OpenID Connect等,使得CAS能够与其他系统(如Web应用程序、APIs等)无缝集成。 3. **服务管理**:CAS提供了一个服务注册中心,可以...

    cas-client-3.2.1 cas-server-3.4.11

    CAS支持与各种系统集成,如SAML 1.1和2.0,OAuth,OpenID Connect,JWT等,使得与其他身份验证标准和框架的互操作成为可能。 7. **监控与日志**: CAS服务器通常会记录详细的日志信息,以便于调试和审计。还可以...

    CAS自定义加密和登录验证

    但有时,你可能需要根据特定需求,如OAuth、OpenID Connect或其他自定义认证源,来编写自己的认证处理器。 1. **认证处理器**:你需要创建一个实现了`AuthenticationHandler`接口的类,这个类将处理实际的认证逻辑...

    CAS单点登录服务端部署包

    CAS 是 Central Authentication ...将身份验证委派至 WS-FED, Facebook, Twitter, SAML IdP, OpenID, OpenID Connect, CAS 等地方 通过 ABAC, Time/Date, REST, Internet2 的 Grouper 等因子进行身份验证 通过 Hazelc

    CAS服务端和客户端war包.rar

    CAS支持多种扩展,例如OAuth、OpenID Connect等现代身份验证协议。此外,通过SSL/TLS加密通信可以保证传输过程中的数据安全。 总的来说,这个压缩包提供了完整的CAS SSO解决方案,包括服务器端和两个示例客户端...

    Cas Server 3.4.2 和 Cas Client 3.1.6 的源代码

    3. **协议支持**:Cas Server 支持多种协议,如 CAS v1、v2、v3,SAML 1.1,以及 OpenID Connect 等,这些协议决定了与客户端交互的方式。 4. **扩展性**:Cas Server 3.4.2 提供了丰富的插件和扩展机制,允许...

    cas、第三方接口登录

    CAS(Central Authentication Service)是基于Java的开源身份验证框架,用于实现单一登录(Single Sign-On,简称SSO)。SSO允许用户通过一次登录,就可以访问多个应用系统,无需重复输入用户名和密码。这对于大型...

    集成cas实现单点登录认证.zip

    CAS支持多种协议,如CAS协议、SAML2.0等,并且可以与其他身份验证服务(如OAuth、OpenID Connect)集成。 2. 单点登录原理:SSO的核心思想是用户只需要进行一次身份验证,然后这个验证结果可以在所有信任的系统之间...

    cas4.2.4、cas4.0war包

    3. **移动设备支持**:支持多种认证协议,如SAML2、OAuth、OpenID Connect等,以适应不同类型的设备和应用需求。 4. **可定制化**:提供了丰富的API和插件机制,使得开发者可以根据自己的需求进行扩展和定制。 5. ...

    cas4认证服务

    1. **协议支持**:CAS支持多种身份验证协议,如CAS Protocol、SAML 1.1、OAuth、OpenID Connect等,使得它能与各种应用系统集成。 2. **多语言支持**:CAS 4.x版本提供了多语言界面,方便不同地区的用户使用。 3. **...

    CAS5.3.5 server代码

    在实际操作中,你可能还需要了解CAS的XML服务注册、Ticket Granting Tickets(TGTs)、Service Tickets(STs)等核心概念,以及如何配置SAML、OAuth、OpenID Connect等身份验证协议。这个代码包为你提供了一个起点,...

    spring-webmvc-pac4j:Spring Web MVC的安全性库:OAuth,CAS,SAML,OpenID Connect,LDAP,JWT ..

    ▸OAuth-SAML-CAS-OpenID Connect-HTTP-Google App Engine-LDAP-SQL-JWT-MongoDB-CouchDB-Kerberos-IP地址-Kerberos(SPNEGO)-REST API 者旨在检查已认证的用户个人资料或当前Web上下文中的授权: ▸角色/权限-...

    cas-overlay-template-6.1 服务端代码

    同时,理解CAS的认证流程和协议,如SAML、OAuth、OpenID Connect等,将有助于你更好地定制和扩展服务。 总之,"cas-overlay-template-6.1 服务端代码"提供了部署和配置CAS 6.1X Server的基础,而集成MySQL数据源则...

    cas-server-3.4.3.1-release.zip

    CAS支持多种协议,如CAS Protocol、SAML、OAuth、OpenID Connect等,使得它可以与其他各种系统集成。 在"cas-server-3.4.3.1"这个压缩包子文件的文件名称列表中,我们可以预期找到以下组件和配置文件: 1. `cas-...

    cas-server-3.4.2.1-release

    同时,CAS 支持与其他系统集成,如 SAML、OAuth 和 OpenID Connect。 总的来说,"cas-server-3.4.2.1-release" 是一个强大且灵活的身份验证解决方案,为组织提供了高效、安全的单一登录服务。深入了解并正确配置 ...

Global site tag (gtag.js) - Google Analytics