Understanding SQLEncryptedAuthenticator

Aug 24, 2013, 5:08:09 PM
to rubycas...@googlegroups.com
Hi all,

Perhaps someone could clarify usage of SQLEncryptedAuthenticator for me as I'm thoroughly confused reading the instructions available via https://code.google.com/p/rubycas-server/wiki/UsingTheSQLEncryptedAuthenticator.

Configuring config.yml is straightforward to enable SQLEncryptedAuthenticator. What I'm not getting is where the instructions ask you to create a migration in addition to updating your user model with the following code:

require 'casserver/authenticators/sql_encrypted'

class User < ActiveRecord::Base

# ...

I have two applications within my organization that I'm expecting to authenticate against RubyCAS. They are both Ruby on Rails applications. Am I reading the instructions right that I have to update the user model on my actual Rails application and NOT the RubyCAS server? Is the migration going to the individual applications and not the RubyCAS server also? How will RubyCAS even know what my User model looks like for any application authenticating against it? When users sign up and register, isn't it all done through the RubyCAS server and not the individual applications I'm building that will use RubyCAS to authenticate?

I guess I'm not understanding why any migrations would be run on my applications instead of modifying a user model and/or migration directly on the RubyCAS server itself. Wouldn't that make the most sense?

Thanks for any possible clarification anyone could provide.


de Herdt Arne

Aug 26, 2013, 10:19:25 AM
to rubycas...@googlegroups.com

The authenticators are a set of classes that are part of the RubyCAS instance. They perform the actual work of connecting to the database and checking the username and password.
You should not be including them inside your user model.

What you actually need to do is configure them in the YAML file as mentioned in the documentation.
They connect to the database provided in the configuration and try to find a user with the provided username and password. If they can find a matching row they will return the row and the additional information specified in the configuration.

You should not change anything on your application, because your User model will just be a generic user. By using CAS you can eliminate the need to have your application connect to a database, since all relevant information will be returned by CAS instead.

Arne De Herdt
Software Engineer / ScrumMaster
ProSiebenSat.1 Games GmbH
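
The flow described in the reply above, as an added Ruby example that is not part of the thread and not RubyCAS's own code: the credential check runs on the CAS server against the configured user table and hands back only the configured extra attributes. The class name, column names, sample row and the salted SHA-256 scheme are assumptions made for this sketch.

```ruby
require 'digest'

# Assumed hashing scheme for this sketch: SHA-256 over "salt::password".
def salted_digest(salt, password)
  Digest::SHA256.hexdigest("#{salt}::#{password}")
end

# Constructed stand-in for the users table in the database the CAS server
# is configured to use; column names are assumptions.
USERS = [
  { 'username' => 'alice', 'encryption_salt' => 'c0ffee',
    'encrypted_password' => salted_digest('c0ffee', 'correct horse'),
    'email' => 'alice@example.org', 'role' => 'admin' }
].freeze

# Compare two digests without stopping at the first differing byte.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Hypothetical authenticator: it lives in the CAS server, never in a client app.
class SketchAuthenticator
  def initialize(rows, extra_attributes: [])
    @rows = rows
    @extra_attributes = extra_attributes
  end

  # Returns the configured extra attributes on success, nil on any failure.
  def validate(username, password)
    row = @rows.find { |r| r['username'] == username }
    # Unknown users are hashed against a dummy salt so both paths do similar work.
    salt = row ? row['encryption_salt'] : 'dummy'
    expected = row ? row['encrypted_password'] : salted_digest('dummy', '')
    ok = secure_compare(salted_digest(salt, password), expected)
    return nil unless row && ok
    @extra_attributes.map { |name| [name, row[name]] }.to_h
  end
end

AUTH = SketchAuthenticator.new(USERS, extra_attributes: %w[email role])
```

The client Rails applications never see the salt or the digest; they receive only the username and whatever attributes the server is configured to release.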
