new classes with authenticate_on_every_request to true

rubycas / rubycas-client

Ruby client for Yale's Central Authentication Service protocol -- an open source enterprise single sign on system for web applications.

http://code.google.com/p/rubycas-client/

Other

332 stars 217 forks source link

new classes with authenticate_on_every_request to true #21

Closed llaurent closed 13 years ago

llaurent commented 13 years ago

per controller/action forced authentication-on-every-request

soupmatt commented 13 years ago

Skipping the ticket checks during the normal flow (your ForceFilter) isn't the desired behavior. In fact, these checks are skipped if the user is logged in and there is not service ticket provided. It is however, desirable as an extension to the gateway filter, as you could have it check just once. If you would like to implement that and provide rspec tests to show your changes work, I would be happy to accept that.