1

I'm using the rubycas-server gem as my CAS server. This CAS server checks user credentials against a user table in a different database. These users are created using the Devise gem, which saves every user's password in encrypted form in the database table. The configuration file of this rubycas-server contains an authenticator section; its code is given below:

    authenticator:
      class: CASServer::Authenticators::SQL
      database:
        adapter: postgresql
        database: testdb
        username: postgres
        password: root
        host: localhost
        pool: 5
      user_table: users
      username_column: email
      password_column: encrypted_password
      encrypt_function: <encryption function>

As shown in the last line of the code above, encrypt_function contains the algorithm used to check credentials. Some samples are given at the URL below:

https://code.google.com/p/rubycas-server/wiki/UsingTheSQLEncryptedAuthenticator

But I can't find what will be suitable for devise. Please help.

  • I think rubycas-server supports Bcrypt by default and Devise uses Bcrypt, so could you please remove that line and see what happens? – Manoj Menon Oct 15 '14 at 12:27
  • If I remove that line then `rubycas-server` by default checks the password as a plain string. That means the password entered in the login form is compared directly with the encrypted password, so every time it shows "Incorrect login credentials". –  Oct 15 '14 at 12:29
  • Are you sure that the credentials (username and password) you are entering are the same as those already stored in the authenticator DB, i.e. testdb? – Manoj Menon Oct 15 '14 at 12:33
  • Yes, the credentials are correct, and `rubycas-server` is not encrypting the login form password by default, because when I give the encrypted_password string from the database in the login form, it authenticates. –  Oct 15 '14 at 12:35
  • @ManojMenon I found the SQLBcrypt in `rubycas-server`, do you know how to configure this `SQLBcrypt` authenticator? –  Oct 16 '14 at 06:19
  • No, actually I had tried to use rubycas-server and it was working fine without encrypt_function. You can also try Casino http://casino.rbcas.com/ which is well documented and great. – Manoj Menon Oct 16 '14 at 09:02
  • @ManojMenon thanks for your advice, but I got my solution. –  Oct 16 '14 at 11:51
  • How? Could you put it as a comment? It may help others for future reference! – Manoj Menon Oct 16 '14 at 12:12
  • @ManojMenon, wait, I will give my answer after I fully test it. –  Oct 17 '14 at 06:09

1 Answer

2

Finally I got a solution for my question. Actually, `encrypt_function:` is not needed in the authenticator settings. As I'm using email and encrypted_password, which is generated by Devise, to check a user's credentials, the final authenticator is:

    authenticator:
      class: CASServer::Authenticators::SQLBcrypt
      database:
        adapter: postgresql
        database: testdb
        username: postgres
        password: root
        host: localhost
        pool: 5
      user_table: users
      username_column: email
      password_column: encrypted_password

As Devise uses BCrypt by default to encrypt the password, I'm using the `CASServer::Authenticators::SQLBcrypt` class. But the rubycas-server gem doesn't set the SQLBcrypt configuration by default. So go to the `lib/casserver/authenticators/authlogic_crypto_providers` path and open the `bcrypt.rb` file. In this file you can see that these lines are commented out, so un-comment them, or add them if they are not present:

    acts_as_authentic do |c|
      c.crypto_provider = Authlogic::CryptoProviders::BCrypt
    end

Then run `gem install bcrypt-ruby` in your terminal, or add this gem to the rubycas-server Gemfile, and restart the server. I think this should work.
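The mismatch described in the question and comments (bcrypt hashes in `encrypted_password`, compared as plain strings by the `SQL` authenticator) can be checked offline before changing the server config. The Ruby snippet below is an added example, not code from the original post or from rubycas-server; the helper names and sample rows are constructed for illustration, and only the two authenticator class names come from this page.

```ruby
# Added example: classify values read from password_column (constructed data).
# bcrypt modular crypt format: $2a$/$2b$/$2y$, two-digit cost, 22-char salt,
# 31-char digest, both in bcrypt's own base64 alphabet (60 chars in total).
BCRYPT_RE = %r{\A\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})\z}

SQL_CLASS    = 'CASServer::Authenticators::SQL'
BCRYPT_CLASS = 'CASServer::Authenticators::SQLBcrypt'

# Returns the parsed fields of a bcrypt hash, or nil if the value is not one.
def parse_bcrypt(stored)
  m = BCRYPT_RE.match(stored.to_s)
  return nil unless m
  cost = m[2].to_i
  return nil unless (4..31).cover?(cost) # valid bcrypt cost range
  { version: m[1], cost: cost, salt: m[3], digest: m[4] }
end

# Models the behaviour reported in the comments for the plain SQL
# authenticator: the submitted string is compared with the column as-is.
def plain_sql_match?(submitted, stored)
  submitted == stored
end

# Picks which of the two authenticator classes named on this page fits.
def authenticator_for(stored)
  parse_bcrypt(stored) ? BCRYPT_CLASS : SQL_CLASS
end

# Reports, per row, whether the configured class matches the stored format.
def audit(rows, configured_class)
  rows.map do |email, stored|
    fit = authenticator_for(stored)
    { email: email, expected: fit, mismatch: fit != configured_class }
  end
end

# Constructed sample: a syntactically valid bcrypt string, not a real hash.
SAMPLE = '$2a$10$' + 'abcdefghijklmnopqrstuu' + ('A'..'Z').to_a.join + 'abcde'
SAMPLE_ROWS = [['alice@example.test', SAMPLE], ['bob@example.test', 'secret123']]

if __FILE__ == $PROGRAM_NAME
  audit(SAMPLE_ROWS, SQL_CLASS).each { |r| puts r.inspect }
  # With plain comparison the real password fails and the hash itself passes.
  puts plain_sql_match?('secret123', SAMPLE) # false
  puts plain_sql_match?(SAMPLE, SAMPLE)      # true
end
```

A row flagged with `mismatch: true` under the `SQL` class means the stored hash would be accepted as if it were the password, which is the behaviour reported in the comments.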