rbCAS / CASinoApp

Ready to use CAS server based on CASino Rails Engine

Can't login #1

Closed gbonline closed 11 years ago

gbonline commented 11 years ago

Hi, I'm looking for a CAS solution and I tried this app. I can run it with `bundle exec rails s`, so I tried it in the browser on the standard port 3000. I've inserted some simple users in the users table, and when I write the username and password in the form fields I can't log in! I've tried the rubycas-server app and all went well. What can I do? Giorgio

luxflux commented 11 years ago

To debug this, we need some more information. Please paste your configuration (cas.yml and database.yml) and as well how you created the database entries.

gbonline commented 11 years ago

Thanks for the answer. My *.yml files were copied from your examples and updated as follows. I manually created the "casinousers" database in MySQL and used SQL statements to create the users table and SQL inserts for the values, the same as I did for rubycas-server.

cas.yml:

```yaml
production:
  frontend:
    sso_name: 'CASino'
    footer_text: 'Powered by <a href="http://rbcas.com/">CASino</a>'
  authenticators:

########################################
# LDAP
########################################
#    my_company_ldap:
#      authenticator: 'LDAP'
#      options:
#        host: 'localhost'
#        port: 636
#        base: 'ou=people,dc=example,dc=com'
#        username_attribute: 'uid'
#        encryption: 'simple_tls'
#        extra_attributes:
#          email: 'mail'
#          fullname: 'displayname'

########################################
# SQL (ActiveRecord authenticator)
########################################
    my_funny_sql_database:
      authenticator: "ActiveRecord"
      options:
        connection:
          adapter: "mysql2"
          host: "localhost"
          username: "root"
          password: "giorgio"
          database: "casinousers"
        table: "users"
        username_column: "username"
        password_column: "password"
        extra_attributes:
          email: "email"
          fullname: "fullname"
```

the database.yml:

```yaml
production:
  adapter: mysql2
  encoding: utf8
  reconnect: false
  database: CASinoApp
  pool: 5
  username: root
  password: giorgio
  socket: /var/run/mysqld/mysqld.sock
```

and my users table is:

```
mysql> desc users;
+----------+-------------+------+-----+---------+----------------+
| Field    | Type        | Null | Key | Default | Extra          |
+----------+-------------+------+-----+---------+----------------+
| idusers  | int(11)     | NO   | PRI | NULL    | auto_increment |
| username | varchar(45) | YES  |     | NULL    |                |
| password | varchar(45) | YES  |     | NULL    |                |
| email    | varchar(45) | YES  |     | NULL    |                |
| fullname | varchar(45) | YES  |     | NULL    |                |
| level    | int(11)     | YES  |     | NULL    |                |
+----------+-------------+------+-----+---------+----------------+
6 rows in set (0.03 sec)
```

PS: I put a minus - before # to avoid automatic bold chars.

luxflux commented 11 years ago

I allowed myself to edit your comment. You can use three ` to create code blocks.

This looks good so far. What does a table row from users look like? The password has to be hashed with a salt. You can create a password hash with salt for the password pw123 like this:

```sh
bundle exec ruby -rbcrypt -e 'puts BCrypt::Password.create("pw123")'
```

gbonline commented 11 years ago

Thanks for the help! I had not understood that passwords need to be hashed. I had inserted plain-text passwords into the users table. Now I've updated the password field length, I've updated the field with the string from your BCrypt command, and now I can log in! In the example for rubycas-server there is a reference if hashed passwords are needed, so I thought that in CASinoApp the password was plain text, since I did not find any different indication. One last thing: does MySQL have a function for encoding a text to insert into the password field, so I can use an SQL insert statement, or do I need an extra app for user management? Thanks

luxflux commented 11 years ago

That's good to hear!

As cleartext passwords are really insecure, we just don't support them. I don't know any function to create hashed and salted passwords with MySQL only. PostgreSQL has support for this: http://www.postgresql.org/docs/8.3/static/pgcrypto.html.

The user management is not part of CASinoApp, so you may want to generate the hash with the command above and use it in your SQL statement.
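
As an added example (not part of the original thread or of CASino's code), this Ruby sketch audits a password column for the two problems discussed above: cleartext values, and a column such as `varchar(45)` that is too short for a 60-character bcrypt hash. The method names, the sample rows and the `min_cost` threshold are assumptions made for illustration.

```ruby
# Added example: audit a password column for values a bcrypt-based login rejects.
# Assumption: hashes use bcrypt's modular crypt format, 60 characters in total:
# "$2a$" (or 2b/2x/2y), a two-digit cost, "$", then 53 chars from ./A-Za-z0-9.
BCRYPT_LENGTH = 60
BCRYPT_FULL   = /\A\$2[abxy]\$(\d{2})\$[.\/A-Za-z0-9]{53}\z/
BCRYPT_PREFIX = /\A\$2[abxy]\$\d{2}\$[.\/A-Za-z0-9]*\z/

# Classify one stored value. min_cost is an example threshold, not a CASino setting.
def classify_password_value(value, min_cost: 10)
  return :empty if value.nil? || value.empty?
  if (m = BCRYPT_FULL.match(value))
    return m[1].to_i < min_cost ? :weak_cost : :ok
  end
  # Right prefix and alphabet but too short: the hash was cut off on insert.
  return :truncated_hash if value.length < BCRYPT_LENGTH && BCRYPT_PREFIX.match?(value)
  :not_bcrypt # cleartext or some other encoding
end

# true/false for char(n)/varchar(n); nil when the type has no declared width.
def column_fits_bcrypt?(sql_type)
  m = /\A(?:var)?char\((\d+)\)\z/i.match(sql_type.strip)
  m ? m[1].to_i >= BCRYPT_LENGTH : nil
end

# rows: array of { username:, password: } hashes; returns only the problem rows.
def audit_rows(rows)
  rows.each_with_object({}) do |row, findings|
    status = classify_password_value(row[:password])
    findings[row[:username]] = status unless status == :ok
  end
end

# Constructed sample data. SHAPED_HASH only has the shape of a bcrypt hash;
# it is not the hash of any real password.
SHAPED_HASH = "$2a$10$" + "abcdefghijklmnopqrstuv" + "A" * 31
SAMPLE_ROWS = [
  { username: "alice", password: SHAPED_HASH },                    # well-formed
  { username: "bob",   password: "pw123" },                        # cleartext
  { username: "carol", password: SHAPED_HASH[0, 45] },             # cut to 45 chars
  { username: "dave",  password: SHAPED_HASH.sub("$10$", "$04$") }, # low cost
  { username: "erin",  password: nil }
]

puts "varchar(45) fits bcrypt: #{column_fits_bcrypt?('varchar(45)')}"
audit_rows(SAMPLE_ROWS).each { |user, status| puts "#{user}: #{status}" }
```
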

vmahindra-c commented 9 years ago

Hi, I have a problem logging in with users which I created in casino_users using a mysql2 database. My cas.yml file is:

```yaml
defaults: &defaults
  login_ticket:
    lifetime: 600
  service_ticket:
    lifetime_unconsumed: 300
    lifetime_consumed: 86400
  proxy_ticket:
    lifetime_unconsumed: 300
    lifetime_consumed: 86400
  frontend:
    sso_name: "CASino"
    footer_text: "Powered by <a href=\"http://rbcas.com/\">CASino"

development:
  <<: *defaults
  authenticators:
    my_company_sql_database:
      authenticator: "ActiveRecord"
      options:
        connection:
          adapter: "mysql2"
          host: "localhost"
          username: "root"
          password: "maheshwari"
          database: "CASinoApp"
        table: "casino_users"
        username_column: "username"
        password_column: "password"
        extra_attributes:
          email: "email_database_column"
          fullname: "displayname_database_column"

test:
  <<: *defaults
  authenticators:
    static:
      class: "CASino::StaticAuthenticator"
      options:
        users:
          testuser:
            password: "foobar123"

production:
  <<: *defaults
  authenticators:
    my_company_ldap:
      authenticator: "LDAP"
      options:
        host: "localhost"
        port: 12445
        base: "dc=users,dc=example.com"
        username_attribute: "uid"
        encryption: "simple_tls"
        extra_attributes:
          email: "mail
```

and my database.yml is:

```yaml
development:
  adapter: mysql2
  encoding: utf8
  reconnect: false
  database: CASinoApp
  pool: 5
  username: root
  password: maheshwari
  socket: /var/run/mysqld/mysqld.sock
```

casino_users table:

```
+----+---------------+----------+-------------------------------------------------------------+---------------------+---------------------+
| id | authenticator | username | extra_attributes                                            | created_at          | updated_at          |
+----+---------------+----------+-------------------------------------------------------------+---------------------+---------------------+
|  1 | vijay         | vijay    | NULL                                                        | NULL                | NULL                |
|  2 | static        | testuser | --- !ruby/hash:ActiveSupport::HashWithIndifferentAccess {}  | 2015-06-29 10:42:36 | 2015-06-29 12:43:32 |
|  3 | vijay1        | vijay123 | --- !ruby/hash:ActiveSupport::HashWithIndifferentAccess     | 2015-06-30 10:42:36 | 2015-06-29 12:46:32 |
|  4 | vijay2        | vijay123 | --- !ruby/hash:ActiveSupport::HashWithIndifferentAccess {}  | 2015-06-30 10:42:36 | 2015-06-29 12:46:32 |
+----+---------------+----------+-------------------------------------------------------------+---------------------+---------------------+
```