What's new? | Help | Directory | Sign in
Google
rubycas-server
Single sign-on authentication for enterprise web apps
Project Home
  
Downloads
  
Wiki
  
Issues
  
Source
    
License: GNU General Public License v2
Labels: CAS, authentication, ruby, camping, sso, web, http
Show all Featured Downloads:
rubycas-server-0.6.0.gem
Links:
Groups:
Join project
Project owners:
  matt.zukowski, jzylks
Project members:
hfalaska, rubywmq

RubyCAS-Server provides a single sign-on solution for web applications, implementing the server-end of JA-SIG's CAS protocol.

The idea is similar to the way Yahoo, Google, and other major portal sites allow the user to authenticate using a central welcome page. Likewise, your CAS server provides the login page where the user enters their username and password. After successful authentication, the server dishes out 'service tickets' that grant access to the various CAS-protected services. Your CAS-protected services never see the user's real credentials, and logging in to one service grants access to all other services. The user only sees the login page once, hence "single sign-on".

RubyCAS-Server is designed to be easy to set up and customize. You do not need to know anything about Ruby to run the server. The front end (the central login page) can be skinned using CSS, and the back-end authentication method for validating usernames and passwords can be configured to use an existing SQL database, Active Directory, LDAP server, etc. For more information on the CAS protocol, have a look at the official JA-SIG CAS page.

In order to make your services (i.e. your web applications) CAS-protected, each service will require some configuration. Generally this is done by installing a CAS client library. For example for a Ruby on Rails application, you'll have to install RubyCAS-Client, which essentially acts like a standard controller filter. For PHP, install esup-phpcas and include a small block of code at the top of your CAS-protected PHP pages. For Java-based frameworks, you'll have to install the Java CAS Client and add some XML to your app server's configuration. Have a look at the JA-SIG CAS lients page for information on clients for other frameworks (.NET, Perl, Zope, ColdFusion, etc.).

To get started quickly, have a look at the QuickStart wiki page for step-by-step installation and usage instructions.

RubyCAS-Server is implemented using the Camping microframework, and is designed for easy deployment either as a stand-alone server or as a CGI script (for example under Apache). It fully implements the CAS 2.0 protocol, with full support for proxy ticketing.