Prashant Sahni Blog

Single Sign on in Rails

Requirement

The user should be able to maintain an authenticated session on multiple websites (apparently from the same group/network/domain) by signing in just once.

Example:

A user signs in to Gmail and is automatically signed in to YouTube or any other Google website.

Basic Idea:

Here is a high level pictorial representation of the concept.
The following image I copied from here. Thank you, Matt Aimonetti.

[Image: sso-login-image]

Now read this explanation at this link

Note:

I have copied this image shamelessly. The goal is to put the information at the top of the head in an organized manner, so that somebody can start with it. Thank you so much to the author of the website.

How To Implement:

Setting up server

We need a master website (or CAS server) and a client website (which will use the CAS server and be CAS-protected).

Let's start.

  1. Clone rubycas-server: git clone https://github.com/rubycas/rubycas-server

  2. Follow the Readme

  3. If you are following the steps above, a question clearly arises: how will the users' account information be stored at the CAS server? Here is what I figured out. Copy this table structure into db/migrate/001_create_initial_structure.rb (ideally there should be an app folder in rubycas-server containing controllers and models).

    # Creating User table for storing users credentials
    # Note: :force => true drops and recreates the table if it already exists.
    create_table "users", :force => true do |t|
      t.string   "email",                  :default => "", :null => false
      t.string   "encrypted_password",     :limit => 128, :default => "", :null => false
      t.string   "reset_password_token"
      t.datetime "reset_password_sent_at"
      t.datetime "remember_created_at"
      t.integer  "sign_in_count",          :default => 0
      t.datetime "current_sign_in_at"
      t.datetime "last_sign_in_at"
      t.string   "current_sign_in_ip"
      t.string   "last_sign_in_ip"
      t.string   "username"
      t.string   "encryption_salt"         # per-user salt stored next to the password hash
      t.datetime "created_at",             :null => false
      t.datetime "updated_at",             :null => false
    end

  4. Run the server as described in the Readme; the server boot process will run the migrations automatically. The server should be running on the port you specified in config.yml. You should see a screen like this

  5. Now write a script to insert users into the database, because so far you have no sign-up mechanism.
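
A seeding script for step 5, as an added example that is not from the original post or from rubycas-server. The hashing scheme (hex SHA-256 over `salt::password`), the helper names and the sample accounts are assumptions; the hash has to match whatever authenticator your config.yml configures.

```ruby
require "digest"
require "securerandom"

# Assumption: the authenticator set in config.yml verifies
# hex(SHA-256("<encryption_salt>::<password>")); change this if yours differs.
# A single SHA-256 pass is fast to brute-force; use a slow hash if the authenticator allows.
def encrypt(salt, password)
  Digest::SHA256.hexdigest("#{salt}::#{password}")
end

# Build one row for the "users" table created by the migration above.
def build_user_row(email:, username:, password:, now: Time.now.utc)
  raise ArgumentError, "invalid email" unless email.match?(/\A[^@\s]+@[^@\s]+\z/)
  raise ArgumentError, "password too short" if password.length < 12
  salt = SecureRandom.hex(32) # per-user salt from the OS CSPRNG
  {
    "email" => email.downcase, "username" => username,
    "encryption_salt" => salt,
    "encrypted_password" => encrypt(salt, password),
    "sign_in_count" => 0, "created_at" => now, "updated_at" => now
  }
end

# Parameterized INSERT: values travel as binds, never interpolated into the SQL.
def insert_statement(row)
  placeholders = (["?"] * row.size).join(", ")
  ["INSERT INTO users (#{row.keys.join(', ')}) VALUES (#{placeholders})", row.values]
end

# Re-derive the hash for a candidate password and compare in constant time.
def password_matches?(row, candidate)
  expected = encrypt(row["encryption_salt"], candidate)
  stored = row["encrypted_password"]
  stored.bytesize == expected.bytesize &&
    stored.bytes.zip(expected.bytes).reduce(0) { |acc, (a, b)| acc | (a ^ b) }.zero?
end

# Constructed sample accounts; take real passwords from a prompt, not source code.
SAMPLE_USERS = [
  { email: "Alice@example.com", username: "alice", password: "correct horse battery" },
  { email: "bob@example.com", username: "bob", password: "another long passphrase" }
].freeze

if $PROGRAM_NAME == __FILE__
  SAMPLE_USERS.each do |user|
    sql, binds = insert_statement(build_user_row(**user))
    puts sql, "binds: #{binds.size}" # hand sql + binds to your DB driver's execute
  end
end
```

Pass the returned SQL and bind array to the execute call of whichever database driver your CAS server's config.yml points at.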

Setting up SSO Client

I have made an SSO client in Rails. Please clone it, follow the Readme, and run it on your local machine: https://github.com/psahni/sso_client_rails

After a successful login you will see the following screen
