Closed GoogleCodeExporter closed 9 years ago
I think you might have an easier time just using a self-signed SSL certificate
than
trying to completely disable SSL. CAS is designed to work with SSL, and trying
to get
around this probably won't get you far.
Even if you disable SSL on the server-side, your CAS client will probably still
try
to connect via secure HTTP. For example, the RubyCAS-Client will always try to
use
SSL, regardless of whether you use an http or https address.
In short, either use a self-signed certificate, or get a free one from a CA.
These
instructions should get you started on creating a self-signed certificate:
http://sial.org/howto/openssl/self-signed/. Alternatively,
http://www.rapidssl.com/ssl-certificate-products/free-ssl/freessl.htm will get
you a
fully-functioning 30 day certificate that you should be able to use with
RubyCAS-Server.
Let me know if this still doesn't help.... if you really insist on not using
SSL, in
addition to the changes you made in the server, you could try disabling
encryption in
RubyCAS-Client by editing lib/cas.rb and changing "https.use_ssl = true" to
"https.use_ssl = false" (should be around line 64) -- although I can't
guarantee that
this will work.
Original comment by matt.zuk...@gmail.com
on 5 Jun 2007 at 9:06
I've attached a self-signed SSL certificate that you should be able to use with
RubyCAS-Server for demo purposes. This .pem contains the key and the cert, so
just
use the ssl_cert option in your config.yml.
Original comment by matt.zuk...@gmail.com
on 5 Jun 2007 at 9:25
Attachments:
Thank you for the cert, it allowed me to confirm that both SSL and Non-SSL are
working correctly.
After much pain and suffering (debugging camping framework) it turns out that
the
problem above is due to bugs in the camping framework. The latest camping gem
(october last year! ) has syntax errors and other bugs in it.
Only after grabbing the latest camping source code from SVN were we able to get
rubycas-server to work against a dummy Authorization module. See default.rb
above
Have you considered making rubycas-server available on Ruby on Rails?
This will also allow us to move our existing RoR login screens onto
rubycas-server.
We want to introduce rubycas-server into our existing customer facing RoR web
applications without any obvious changes.
Original comment by ruby...@gmail.com
on 19 Jun 2007 at 5:24
Ah yes you're right, RubyCAS-Server requires Camping 1.5.180, which is only
available
via SVN. I totally forgot to mention this in installation docs (I guess maybe I
assumed the new version would be released by now).
I'll add the note to the installation wiki.
Regarding moving RubyCAS-Server from Camping to Rails -- the main problem is
that
Rails handles requests synchronously. Why this is a problem is a bit difficult
to
explain without getting into the details of how the CAS protocol works, but
basically
it means that Rails is not a suitable platform for a CAS server. Anyway, Rails
is
meant for CRUD-based, UI-heavy apps, not back-end servers like RubyCAS-Server.
Original comment by matt.zuk...@gmail.com
on 19 Jun 2007 at 6:14
Original comment by matt.zuk...@gmail.com
on 19 Jun 2007 at 9:57
I should add to this that RubyCAS-Server should work just fine with Camping 1.5
as
long as you're not using Mongrel. For Mongrel, you'll need 1.5.180 (and
RubyCAS-Server already checks to make sure that you have this if you try to run
using
Mongrel).
Original comment by matt.zuk...@gmail.com
on 19 Jun 2007 at 10:02
Original issue reported on code.google.com by
ruby...@gmail.com
on 5 Jun 2007 at 7:55Attachments: