libapache2-mod-auth-tkt 2.1.0+dfsg-1 / usr / share / doc / libapache2-mod-auth-tkt / examples / auth_tkt.rb.README

This file is indexed.

/usr/share/doc/libapache2-mod-auth-tkt/examples/auth_tkt.rb.README is in libapache2-mod-auth-tkt 2.1.0+dfsg-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
To generate auth_tkt cookies or just the ticket string you can use this
auth_tkt rails library.
  

Configuration
-------------

Copy auth_tkt.rb to the lib directory of your rails application. Edit it
and set the following values:
1. Set the path to the secret key file (configuration file, usually 
   02_auth_tkt.conf) for the constant SECRET_KEY_FILE.
2. If you want to use the ticket across multiple subdomains you have to 
   set a string for your top-level-domain for the constant DOMAIN (i.e. 
   ".yourdomain.com").


Usage
-----

To use the library, include it into your controller using "include AuthTkt".

Creating the cookie string:

User the 
  function get_tkt_hash(user, token_list, user_data, base64) 
to get a signed cookie string.

Parameters:

The user should be the username.
The token_list may be a group name or any token you want to use, leave it
blank or set it to nil, if you don't want to use any.
The user_data may be a any data you want to use, leave it blank or set it
to nil, if you don't want to use any.
The base64 value is a boolean, that activates base64 encoding for the 
ticket string, default is false. Keep in mind this is no encryption and 
does not protect your data from being red.
Data encryption to protect your data is not implemented for this library
yet. You should use SSL to prevent anybody from reading your data.

Setting a cookie:

Use the function
  set_auth_tkt_cookie(user, domain, token_list, user_data, base64)
to set a cookie directly. Use the parameters as described in the section
above.
The parameter domain will be the value for the domain used in the cookie.
It can be accessed from auth_tkt.rb via AuthTkt::DOMAIN or set to nil, if
none should be use.


Using acts_as_authenticated with auth_tkt
-----------------------------------------

The common plugin acts_as_authenticated adds an out of the box login 
system to a rails application.
The plugin acl_system2 adds role support to the acts_as_authenticated
login system.

To use the auth_tkt login with the rails plugins acts_as_authenticated
and acl_system2 to get a auth_tkt ticket saved with each login you have
to proceed the following steps:

Install and setup the plugins acts_as_authenticated and acl_system2.

Edit the file account_controller.rb:

1. add the line

   include AuthTkt
   
   at top of the class definition


2. add the following two lines

      role_titles = (self.current_user.roles.collect { |x| x.title }).join(',')
      set_auth_tkt_cookie(self.current_user.login, AuthTkt::DOMAIN, role_titles, nil, true)

   behind the row

      if logged_in?

   into the definition of the login function


3. add the following block
   
      if params[:back] and not params[:back].empty?
        redirect_to params[:back]
        return
      end

   above the line

      redirect_back_or_default(:controller => '/account', :action => 'index')
   
   into the definition of the login function


4. add the line

    destroy_auth_tkt_cookie
   
   after the line
   
    cookies.delete :auth_token
   
   into the definition of the logout function

APT Browse - Built by Thomas Orozco.