Class CASServer::Authenticators::ClientCertificate
In: lib/casserver/authenticators/client_certificate.rb
Parent: CASServer::Authenticators::Base

NOT YET IMPLEMENTED

This authenticator will authenticate the user based on a client SSL certificate.

You will probably want to use this along with another authenticator, chaining it so that if the client does not provide a certificate, the server can fall back to some other authentication mechanism.

Here‘s an example of how to use two chained authenticators in the config.yml file. The server will first use the ClientCertificate authenticator, and only fall back to the SQL authenticator of the first one fails:

authenticator: 

 -
   class: CASServer::Authenticators::ClientCertificate
 -
   class: CASServer::Authenticators::SQL
   database:
     adapter: mysql
     database: some_database_with_users_table
     user: root
     password:
     server: localhost
   user_table: user
   username_column: username
   password_column: password

Methods

validate  

Public Instance methods

validate(credentials)

[Source]

    # File lib/casserver/authenticators/client_certificate.rb, line 31
31:   def validate(credentials)
32:     read_standard_credentials(credentials)
33: 
34:     @client_cert = credentials[:request]['SSL_CLIENT_CERT']
35: 
36:     # note that I haven't actually tested to see if SSL_CLIENT_CERT gets
37:     # filled with data when a client cert is provided, but this should be
38:     # the case at least in theory :)
39: 
40:     return false if @client_cert.blank?
41: 
42:     # IMPLEMENT SSL CERTIFICATE VALIDATION CODE HERE
43:     raise NotImplementedError, "#{self.class.name}#validate NOT YET IMPLEMENTED!"
44: 
45:     return true # if SSL certificate is valid, false otherwise
46:   end

[Validate]