rubycas / rubycas-client

Ruby client for Yale's Central Authentication Service protocol -- an open source enterprise single sign on system for web applications.
http://code.google.com/p/rubycas-client/

authenticate_on_every_request and Gateway #13

Open Jimflip opened 13 years ago

Jimflip commented 13 years ago

If using the gateway filter a request is made for every action, even though authenticate_on_every_request is set to false.

Not sure if this is necessary for the protocol (I don't think so), but obviously this has serious performance issues for us.

Cheers, Jim.

Jimflip commented 13 years ago

So is this just me or is this the expected behaviour? If you can confirm either way I can then look into debugging it.

soupmatt commented 13 years ago

This is what the current implementation does, and I agree that it is far from optimal. I'll plan on fixing it for the next release, but I don't know how soon that will be. Feel free to submit a patch with tests if you like.

Jimflip commented 13 years ago

Hi

I now understand better why it's doing what it does, it is kinda an optimisation problem.

If there is no ticket in the session then no point going to CAS server to be told that when on a Gatewayed page, just wasn't sure if there is anything I am missing in doing this. I find the CAS protocol rather confusing, mostly due to poor documentation.

I am having a load of stability/deployment issues with rubycas server, and looking/forced to write my own version from scratch using node.js or move to a different protocol. So cannot commit to fixing this issue until server/protocol problems are resolved.

Cheers, Jim.

stgm commented 11 years ago

Well, for anyone looking for a quick fix, you can override this behaviour in your Rails application by creating a new file in config/initializers and using this code which simply redefines the relevant method in the Filter class:

```ruby
# Reopens the client's Filter class and redefines unauthorized!.
module CASClient::Frameworks::Rails
    class Filter
        def self.unauthorized!(controller, vr = nil)
            if controller.params[:format] == "xml"
                # XML requests get a 401 response rather than a redirect.
                if vr
                    controller.send(:render, :xml => "<errors><error>#{vr.failure_message}</error></errors>", :status => 401)
                else
                    controller.send(:head, 401)
                end
            else
                if use_gatewaying?
                    # With gatewaying enabled, no redirect to CAS is issued here.
                    controller.logger.debug "Skipping redirect to CAS because of Gatewaying."
                else
                    redirect_to_cas_for_authentication(controller)
                end
            end
        end
    end
end
```
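
The optimisation discussed in this thread, as an added example (not rubycas-client code and not part of any comment above): the result of a gateway check is remembered in the session, so an anonymous visitor is sent to CAS at most once per recheck window. `gateway_decision`, `count_gateway_redirects`, the `:gateway_checked_at` and `:cas_user` session keys, the 300-second window and the `example.test` URLs are assumptions made for illustration.

```ruby
require "uri"

# Constructed placeholder URL; not a real deployment.
CAS_LOGIN_URL = "https://cas.example.test/login"

# Hypothetical decision function for one request to a gatewayed page.
# session: per-browser Hash; params: request parameters; now: seconds.
def gateway_decision(session, params, service_url, now:, recheck_after: 300)
  # A ticket is only a claim: it must always be validated with the CAS server.
  return [:validate_ticket, params["ticket"]] if params["ticket"]
  # Already authenticated locally: no round trip needed.
  return [:continue, session[:cas_user]] if session[:cas_user]

  checked = session[:gateway_checked_at]
  # CAS recently answered "no SSO session": serve the page anonymously.
  return [:continue, nil] if checked && (now - checked) < recheck_after

  # Record the check before redirecting, so the return trip from CAS
  # (which arrives without a ticket) does not trigger another redirect.
  session[:gateway_checked_at] = now
  query = URI.encode_www_form(service: service_url, gateway: "true")
  [:redirect, "#{CAS_LOGIN_URL}?#{query}"]
end

# Replays constructed anonymous requests and counts redirects to CAS.
def count_gateway_redirects(request_times, recheck_after: 300)
  session = {}
  request_times.count do |t|
    action, = gateway_decision(session, {}, "https://app.example.test/",
                               now: t, recheck_after: recheck_after)
    action == :redirect
  end
end

if __FILE__ == $PROGRAM_NAME
  times = [0, 10, 20, 299, 300, 310, 700] # seconds, constructed
  puts "redirects with caching:    #{count_gateway_redirects(times)}"
  puts "redirects without caching: #{count_gateway_redirects(times, recheck_after: 0)}"
end
```

A negative answer cached this way means a user who signs in to CAS elsewhere stays anonymous on gatewayed pages until the window expires, so pages that require a login still need a filter that redirects to CAS without `gateway=true`.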

thiyagarajanth commented 8 years ago

Hi,

I used 'authenticate_on_every_request'. It keeps authenticating with the server, but when sending a POST request to the server with parameters, after authentication of this request I am not getting the POST method parameters. I don't know why?

Regards Thiyagu.