this is my first post on SO, but I have been reader for long time :)
I'm currently working on LDAP authentication for Rails app. I'm using ruby Net::LDAP library - I'm abble to succesfully bind and login using technical account and search for a specific user. What I don't know how to do, is how to verify finded AD user password with the one he provided during logon. Because of AD policy restriction, I can make binding only from the technical account - so the use sollution with binding every logging user to AD cannot be used here.
Thanks for any help
Check out .bind_as: According to the docs
http://www.rubydoc.info/gems/ruby-net-ldap/Net/LDAP#bind_as-instance_method
it is for testing authentication credentials.
Related
I am trying to authenticate users from Active Directory using devise and ldap in Rails .
I am successful in authenticating from Login Credentials which users enter.
But once user is authenticated his credentials will be saved in session.
I do not want users to login using credentials. But the application
should detect Domain once user logs into windows and use Windows authentication
if that Domain is present in Active Directory.
I followed this : http://everything-ruby.blogspot.in/2011/04/installing-windows-server-2008-ee-with_13.html and works fine.
Can anyone guide me in right path to achieve this?
Thanks in Advance
Kind of an old post but others may be interested:
It sounds to me that what you're trying to achieve is single sign-on. If so then you probably want to look into CAS (Central Authentication Services) instead. AD supports this and it's pretty easy in Rails as well.
First time posting, but been a long time reader. I'm tasked to use my university's CAS to authenticate users on a ruby on rails app. I have my welcome page that has a link to the signon screen that then is forwarded to a dashboard with a ticket in the url. I'm a bit confused on how to take that ticket and authenticate the ticket in order to get the info of the user that has logged in. Please help. THanks in advance.
Your application must take the ticket returned by the user's browser and make a direct call back to CAS and "turn in" the ticket to retrieve the actual user information.
You basically have three protocols/endpoints that can be used: /cas/validate, /cas/serviceValidate, and /cas/samlValidate. See http://www.jasig.org/cas/protocol for details.
But instead of writing your own solution, check out Ruby on Rails CAS Clients for a couple of options.
I am trying to implement a facebook user authentication in my iOS6 App through my Rails Backend running with Devise using omniauth. I am looking for a step by step guide how to setup my API and Devise + Authentication.
I only have a only have a rough knowledge about how to do that.
(on App) check if the user signs in on his facebook on iPhone
iPhone is authenticated client sided on Facebook. FB passes me his mobile auth token
I send my auth token or auth hash to my rails backend via API RESTful SSL.
Rails receives the Token and checks if it is valid. ( What command uses the least traffic against FB Graph API? with Koala Gem)
If valid. Check if the user already exists. If not, create a new user.
Create a new session.
Is this correct?
Are there any good examples?
Thank you very much.
I'm not familiar with the iPhone piece, but your approach after that is generally accurate. The only exception is that you would typically use provider + uid to find or create a user, rather than a token. That might be what you meant by your #5, but it wasn't clear to me.
Beyond that, there is a good (paid) Railscast on the subject of Omniauth + Devise, which would probably be worth the price for you:
http://railscasts.com/episodes/235-devise-and-omniauth-revised
It covers how you can receive and handle the auth hash, and it gives you a nice starting point for what your methods will look like.
if you don't access to pro episodes i have some links to help.
http://jessewolgamott.com/blog/2012/01/19/the-one-with-a-json-api-login-using-devise/
you can also look into it
http://net.tutsplus.com/tutorials/ruby/how-to-use-omniauth-to-authenticate-your-users/
Nice and easy to code
http://blog.joshsoftware.com/2010/12/16/multiple-applications-with-devise-omniauth-and-single-sign-on/
I hope these will work for you :)
http://www.orhancanceylan.com/rails-twitter-and-facebook-authentications-with-omniauth-and-devise/
I'm currently using the databasedotcom gem to authenticate and connect to Salesforce. So a user on my app signs in to salesforce and then I can show their organization Users by materializing the User table and doing SF::User.all.
Now, this works, but sometimes, it returns another users details.
The authentication token is mine at all times though.
Help is appreciated.
I recently ran into a very similar issue using Twitter and Oauth. Are you using a global configuration of some sort? Check out the Thread safety section here: https://github.com/sferik/twitter#thread-safety I think it might be relevant.
I wonder if someone may be able to help me please? I've been trying to find an article which can run me through username / password authentication within iOS with limited success. I found a good article from http://www.raywenderlich.com/6475/basic-security-in-ios-5-tutorial-part-1 and I thought this would answer my questions. Unfortunately, I hit a snag after following the tutorial to the letter whereby I was just presented with a blank screen. Whilst I've contacted Chris Lowe (the chap who done the tutorial) I haven't had a response back and I've hit a bit of a brick wall.
I wondered if anyone could point me in the right direction where I could learn how to do this and whether there were any code snippets which could be used etc etc?
Ideally I'm trying to get my application to prompt users for a username / email and password so that I can authenticate them using a web service connection from a company called parse.com. Its all very very new to me and I'm struggling but any help would be greatly appreciated.
Thanks in advance,
Sean
I realize this is an older post but what type of authentication were you trying to implement? A custom system where users enter a service specific email/password? Facebook auth? Twitter Auth? Google account auth? MSFT account auth?
If you're looking for any of the latter four, you may want to check out WA Mobile Services and these two tutorials:
-Getting started with authentication: https://www.windowsazure.com/en-us/develop/mobile/tutorials/get-started-with-users-ios/
-Authorizing users with server-side scripts: https://www.windowsazure.com/en-us/develop/mobile/tutorials/authorize-users-in-scripts-ios/
Essentially, once you obtain the Client ID and Client Secret from the relevant service, you're then your to write a method that checks to see if a user is already logged in. If not, you'll then display the relevant login option (the first tutorial shows a Facebook auth walk through).
If you were looking for a custom authentication system that allows users to create a service/app specific account, then you might find this post helpful: http://thejoyofcode.com/Exploring_custom_identity_in_Mobile_Services_Day_12_.aspx
Hope this helps,
Miranda