search

NUBIC / aker

A flexible security framework for Rack (and Rails) apps. Good for integration with legacy systems, CAS SSO (including proxying), machine and interactive authentication, and much more.
MIT License
1 stars 2 forks source link

Fix example of using 'session-timeout-seconds' in documentation. #20

Closed mgurley closed 12 years ago

mgurley commented 12 years ago

The documentation of the class Aker::CentralParameters incorrectly says you can configure the session timeout like so:

Aker.configure { ldap_parameters :server => 'ldap.example.org', user => 'cn=foo', :password => '13635;nefvqerg35245gk' policy_parameters :session_timeout_seconds => 1500 }

It should read:

Aker.configure { ldap_parameters :server => 'ldap.example.org', user => 'cn=foo', :password => '13635;nefvqerg35245gk' policy_parameters :'session-timeout-seconds' => 1500 }

The constituent tokens of the 'session-timeout-seconds' need to be separated by dashes, not underscores.

hannahwhy commented 12 years ago

I think both keys ought to be supported with a direction towards deprecating the dashed version.

The choice to use session-timeout-seconds was one of maintaining backwards compatibility with existing Aker central configuration files; however, there's no reason why those cannot be changed.

Also, consider that the CAS configuration parameters are named e.g. cas_base_url.

rsutphin commented 12 years ago

Agreed, we should probably do both. But we should definitely fix the docs.