Class | CASServer::Authenticators::SQLAuthlogic |
In: |
lib/casserver/authenticators/sql_authlogic.rb
|
Parent: | CASServer::Authenticators::SQL |
authenticator:
class: CASServer::Authenticators::SQLAuthlogic database: adapter: mysql database: some_database_with_users_table user: root password: server: localhost user_table: user username_column: login password_column: crypted_password salt_column: password_salt encryptor: Sha1 encryptor_options: digest_format: --SALT--PASSWORD-- stretches: 1
# File lib/casserver/authenticators/sql_authlogic.rb, line 48 48: def validate(credentials) 49: read_standard_credentials(credentials) 50: raise_if_not_configured 51: 52: user_model = self.class.user_model 53: 54: username_column = @options[:username_column] || "login" 55: password_column = @options[:password_column] || "crypted_password" 56: salt_column = @options[:salt_column] 57: 58: $LOG.debug "#{self.class}: [#{user_model}] " + "Connection pool size: #{user_model.connection_pool.instance_variable_get(:@checked_out).length}/#{user_model.connection_pool.instance_variable_get(:@connections).length}" 59: results = user_model.find(:all, :conditions => ["#{username_column} = ?", @username]) 60: user_model.connection_pool.checkin(user_model.connection) 61: 62: begin 63: encryptor = eval("Authlogic::CryptoProviders::" + @options[:encryptor] || "Sha512") 64: rescue 65: $LOG.warn("Could not initialize Authlogic crypto class for '#{@options[:encryptor]}'") 66: encryptor = Authlogic::CryptoProviders::Sha512 67: end 68: 69: @options[:encryptor_options].each do |name, value| 70: encryptor.send("#{name}=", value) if encryptor.respond_to?("#{name}=") 71: end 72: 73: if results.size > 0 74: $LOG.warn("Multiple matches found for user '#{@username}'") if results.size > 1 75: user = results.first 76: tokens = [@password, (not salt_column.nil?) && user.send(salt_column) || nil].compact 77: crypted = user.send(password_column) 78: 79: unless @options[:extra_attributes].blank? 80: if results.size > 1 81: $LOG.warn("#{self.class}: Unable to extract extra_attributes because multiple matches were found for #{@username.inspect}") 82: else 83: extract_extra(user) 84: log_extra 85: end 86: end 87: 88: return encryptor.matches?(crypted, tokens) 89: else 90: return false 91: end 92: end