Hi Walter,
Last time I did this it was maybe 2007. We didn't do
"single sign on" per se, but we did authenticate against
the customers AD. We simply used Net::LDAP and hacked into
LoginSystem, which was an authentication api used by
some rails apps of that day.
I imagine Devise LDAP Authenticatable would work fine.
https://github.com/cschiewek/devise_ldap_authenticatable
I've had recent experience with the above agains OpenDJ
with errbit (
https://github.com/errbit/errbit), the open
source exception catcher.
The technical gotcha we experienced is that we needed to
connect to a non-standard port. When we were connecting to
389, AD kept returning LDAP referrals. Once we figured
that out (and I don't remember the port number) it was
smooth sailing with Net::LDAP.
Best,
Andy
--
Andrew Libby
xforty technologies
http://xforty.com
ali...@xforty.com
484-887-7505 x 1115