...
You should get the cron job automatically if you were deploying from Capistrano.
Authentication Strategy
Avalon comes with Persona by default, but it can be configured to work with other authentication strategies by using the appropriate omniauth gems. The following example applies to Indiana University CAS; it may need some adjustments to work with other CAS implementations.
Add to Gemfile
```ruby
gem 'net-ldap'
gem 'omniauth-cas', :git => "https://github.com/cjcolvar/omniauth-cas.git"
```
Install new gems
```bash
bundle install
```
Add to config/initializers/my-ldap.rb
```ruby
require 'net/ldap'

module Avalon
  # Directory used to resolve guest accounts to a mail address.
  MY_GUEST_LDAP = Net::LDAP.new
  MY_GUEST_LDAP.host = "eads.myuni.edu"
  # Bind DN and password of the service account (masked here).
  MY_GUEST_LDAP.authenticate 'cn=******,ou=Accounts,dc=eads,dc=myuni,dc=edu', '******'

  # Directory used to look up regular accounts.
  GROUP_LDAP = Net::LDAP.new
  GROUP_LDAP.host = "ads.myuni.edu"
  GROUP_LDAP.authenticate 'cn=******,ou=Accounts,dc=ads,dc=myuni,dc=edu', '******'
  GROUP_LDAP_TREE = "dc=ads,dc=myuni,dc=edu"
end
```
Add config/initializers/user_auth_cas.rb
```ruby
require 'net/ldap'

User.instance_eval do
  # Find the local User for a CAS-authenticated session, creating it on first login.
  def self.find_for_cas(access_token, signed_in_resource=nil)
    logger.debug "#{access_token.inspect}"
    #data = access_token.info
    username = access_token.uid
    email = nil
    # A uid containing an 11-digit number is looked up in the guest directory;
    # the mail address found there becomes both the username and the email.
    if username =~ /\d{11}/
      tree = "dc=eads,dc=myuni,dc=edu"
      # Escape the uid before interpolating it into the filter string.
      filter = Net::LDAP::Filter.construct("(&(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=eads,DC=myuni,DC=edu)(cn=#{Net::LDAP::Filter.escape(username)}))")
      # Raises NoMethodError if the directory returns no matching entry.
      username = Avalon::MY_GUEST_LDAP.search(:base => tree, :filter => filter, :attributes=> ["mail"]).first.mail.first
      email = username
    end
    user = User.where(:username => username).first
    unless user
      if email.nil?
        tree = "dc=ads,dc=myuni,dc=edu"
        # Filter.equals escapes its value; Filter.eq does not.
        filter = Net::LDAP::Filter.equals("cn", "#{username}")
        email = Avalon::GROUP_LDAP.search(:base => tree, :filter => filter, :attributes=> ["mail"]).first.mail.first
      end
      user = User.create(username: username, email: email)
    end
    user
  end
end
```
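The initializer above builds LDAP filters from the CAS uid and takes the first entry returned, so the uid must be escaped and an empty result handled. The following is an added example, not Avalon code: `ldap_escape`, `cn_filter`, `lookup_mail`, `StubDirectory` and the `DIRECTORY` entries are constructed names and data, and the stub stands in for a Net::LDAP connection so the example runs offline.

```ruby
# Added example, not Avalon code. DIRECTORY and its entries are constructed.

# Escape the characters RFC 4515 reserves inside a filter value.
def ldap_escape(value)
  value.to_s.gsub(/[\\*()\x00]/) { |c| format('\\%02x', c.ord) }
end

# Equality filter on cn with the value escaped.
def cn_filter(username)
  "(cn=#{ldap_escape(username)})"
end

# Return the first mail value of the entry whose cn equals username,
# or nil when the directory has no such entry (or the search failed).
def lookup_mail(directory, base, username)
  entries = directory.search(:base => base, :filter => cn_filter(username),
                             :attributes => ['mail'])
  entry = Array(entries).first
  entry && Array(entry[:mail]).first
end

# Constructed in-memory stand-in for a directory connection. It understands
# only "(cn=VALUE)": a bare "*" is a presence match, "\xx" is a hex escape.
class StubDirectory
  def initialize(entries)
    @entries = entries
  end

  def search(args = {})
    value = args[:filter][/\A\(cn=(.*)\)\z/m, 1]
    return @entries if value == '*' # presence filter: every entry with a cn
    wanted = value.gsub(/\\(\h\h)/) { $1.hex.chr }
    @entries.select { |e| e[:cn] == wanted }
  end
end

# Constructed sample entries.
DIRECTORY = StubDirectory.new([
  { :cn => 'alice', :mail => ['alice@example.edu'] },
  { :cn => 'bob',   :mail => ['bob@example.edu'] }
])
```

With escaping, a uid of `*` is compared literally and resolves to no account, where an unescaped filter would match every entry and the first one would be used.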
Add to config/settings/production.local.yml
```yaml
auth:
  configuration:
    - :name: My University
      :logo: my_logo.png
      :provider: :cas
      :params:
        :host: cas.myuni.edu
        :login_url: /cas/login
        :service_validate_url: /cas/validate
        :logout_url: /cas/logout
        :ssl: true
```
Using the System
You should be able to visit the webpage with just the hostname (i.e. http://localhost).
...