Giters

coreypurcell / Adauth

Active Directory Authentication

Home Page:http://adauth.arcath.net

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Adauth

Easy to use Active Directory Authentication for Rails.

Install

Add the Adauth gem to your Gemfile:

gem 'adauth'

and run a bundle install

Usage

Adauth requires a config file which can be created by running the command

rails g adauth:config

This creates a config file for example.com with all the values present along with helpful comments for getting Adauth up and running.

Thats enough to very basically run Adauth, and if you prefer complete control over how your authentication is handled you can use this method:

Adauth.authenticate(username, password)

Which has 2 possible return values nil if the users details are wrong or an instance of Adauth::User if the details are correct.

Adauth provides a lot of additional functionality which can be used to get your authentication up and running quickly. See the wiki for more information.

Developing

Obviously to test the AD functionality Adauth requires a working domain and a user to try logging in with. If you try running the tests without first creating the test_data.yml file then they will fail with this error:

Failure/Error: @yaml = YAML::load(File.open('spec/test_data.yml'))

You need to create a yaml file that looks like this:

domain:
  domain: example.com
  server: 127.0.0.1
  port: 389
  base: "dc=example, dc=com"
  pass_allowed_groups:
    - group
  fail_allowed_groups:
    - no_group
  pass_allowed_ous:
    - ou
  fail_allowed_ous:
    - no_ou

user:
  login: username
  password: password
  group: group
  ou: ou_user_is_in
  email: email_of_user_in_ad

The domain portion of this file is pretty self explanatory, they are the same as the code above for creating a domain connection. ALL options need to be set here.

The pass and fail allowed groups need to be an array with pass containing a group that the test user is a member of and fail containing a group that the test user isn’t a member of. (The fail group doesn’t have to exist)

The user is a user capable of logging into the domain, you can use your account here or any account on the domain. The group attribute needs to be set to a group that you are a member of so that the tests can make sure that the correct groups are picked up from AD.

Don’t worry about this file making it into a pull request, it is in the .gitignore file so unless you remove it from there it wont be comitted.

If you make any additions/changes please add some tests for them.

About

Active Directory Authentication

http://adauth.arcath.net

Languages

Language:Ruby 100.0%