Open hannahwhy opened 11 years ago
A couple of notes on this hypothetical Aker::Cas::SelfHostedRackProxyCallback
:
Aker::Cas::RackProxyCallback
is probably fine to start with, but any key-value store would be usable. (For example, a global Ruby hash with synchronized writing would probably work out fine for single-process applications.)
The CAS 2 protocol only mandates a single URL for sending PGTs to services using CAS proxy tickets. (See section 2.5.4.)
Aker's CAS support adds a second URL for retrieving PGTs. This was modelled off of
rubycas-server
andrubycas-client
behavior, but it is not required by the CAS protocol. It was added in the Old Days when making Rails applications handle multiple requests in development and test modes was tricky.Things are different now: Rails multithreading is no longer a joke and
rubycas-client
has done away with the PGT retrieval URL. Aker's CAS support ought to be able to join this brave new era of protocol compliance.However, we want to usher in that era without unrest, which means that the current ways of Aker must be preserved. To this end, I want to make changes that achieve the following three goals:
For goal 3, I think it is best to add new Rack middleware that
receive_pgt
endpoint installed by the callbackThis will work with the CAS PGT protocol as follows:
In code: