Revision 74d32e15
Added by Jan Pazdziora about 10 years ago
app/controllers/users_controller.rb | ||
---|---|---|
User.current = nil
|
||
if request.post?
|
||
backup_session_content { reset_session }
|
||
user = User.try_to_login(params[:login]['login'].downcase, params[:login]['password'])
|
||
intercept = SSO::FormIntercept.new(self)
|
||
if intercept.available? && intercept.authenticated?
|
||
user = intercept.current_user
|
||
else
|
||
user = User.try_to_login(params[:login]['login'].downcase, params[:login]['password'])
|
||
end
|
||
if user.nil?
|
||
#failed to authenticate, and/or to generate the account on the fly
|
||
error _("Incorrect username or password")
|
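Review bot: In the `if intercept.available? && intercept.authenticated?` branch the submitted password is never checked and the account comes straight from `intercept.current_user`, so the login action trusts whatever the SSO layer reports. `available?` and `authenticated?` are defined outside this page, so confirm they succeed only when the fronting web server itself set the identity and that the application cannot be reached without passing through it. Any checks `User.try_to_login` performs besides the password comparison (its body is not shown here) are skipped on this path. When `current_user` returns nil the code falls into `user.nil?` and reports "Incorrect username or password", which misleads an operator whose SSO identity has no local account; a line such as `logger.info("SSO intercept authenticated but no matching local user")` before the error would make that case visible. The enclosing action starts and ends outside this section.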
app/services/sso/base.rb | ||
---|---|---|
raise NotImplementedError, "#{__method__} not implemented for this authentication method"
|
||
end
|
||
|
||
def current_user
|
||
return User.find_by_login(self.user)
|
||
end
|
||
|
||
end
|
||
end
|
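Review bot: `current_user` looks up `self.user` exactly as the SSO layer supplied it, while the form path in users_controller.rb lowercases the login before calling `User.try_to_login`, so the two paths can resolve the same person differently, or not at all, when the external identity differs in case. If logins are meant to be case-insensitive (presumably, given the `.downcase` in the controller) and that fits the identity format in use, normalise here too and guard against a blank value, e.g. `User.find_by_login(user.to_s.downcase) if user.present?`. A comment above the method, `# Returns the local User matching the externally authenticated login, or nil when none exists.`, would document the nil return the controller relies on. The class body starts outside this section.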
app/services/sso/form_intercept.rb | ||
---|---|---|
module SSO
|
||
class FormIntercept < Apache
|
||
|
||
def login_url
|
||
controller.main_app.login_users_path
|
||
end
|
||
|
||
def logout_url
|
||
controller.main_app.logout_users_path
|
||
end
|
||
|
||
def expiration_url
|
||
controller.main_app.login_users_path
|
||
end
|
||
end
|
||
end
|
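Review bot: `FormIntercept` has no comment saying when it applies, and it inherits `available?` and `authenticated?` from `Apache` (not shown on this page) unchanged, so a reader cannot tell from this file what identity source it trusts. A class comment such as `# SSO method for the /users/login form action: trusts the identity set by the web server and keeps the user on the built-in login and logout routes.` would make that trust assumption explicit. `login_url` and `expiration_url` return the same path; a one-line comment should say whether that is intended.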
test/functional/users_controller_test.rb | ||
---|---|---|
assert_redirected_to edit_user_path(User.find_by_login('ares'))
|
||
end
|
||
|
||
test "should use intercept if available" do
|
||
SSO::FormIntercept.any_instance.stubs(:available?).returns(true)
|
||
SSO::FormIntercept.any_instance.stubs(:authenticated?).returns(true)
|
||
SSO::FormIntercept.any_instance.stubs(:current_user).returns(User.find_by_login('admin'))
|
||
post :login, {:login => {:login => 'ares', :password => 'password_that_does_not_match'} }
|
||
assert_redirected_to hosts_path
|
||
end
|
||
|
||
test 'non admin user should edit itself' do
|
||
User.current = users(:one)
|
||
get :edit, { :id => User.current.id }
|
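Review bot: The new test "should use intercept if available" stubs `available?`, `authenticated?` and `current_user` together, so it covers only the success path and never runs `SSO::Base#current_user`. Two negative cases are missing: intercept available but `authenticated?` false with a wrong password must not log in, and intercept authenticated with `current_user` returning nil must show the login error rather than redirect. For the first, the same `post :login` with `stubs(:authenticated?).returns(false)` and an assertion that no user ends up in the session would pin the fallback to the password check. The test 'non admin user should edit itself' continues outside this section.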
fixes #4462 - extending the /users/login handling to process REMOTE_USER through intercept