implement Kerberos authentication 202
authorKen Dreyer <ktdreyer@ktdreyer.com>
Sun, 22 Apr 2012 04:43:33 +0000 (22:43 -0600)
committerKen Dreyer <ktdreyer@ktdreyer.com>
Thu, 17 May 2012 18:53:49 +0000 (12:53 -0600)
commit25503f084c3786a820ab5f9be42add6177cafcb6
tree78d08bce4b241e45a88350a71186984ed8e0f4b5
parent0d85f671f122f292dd56497eedd561efbb373e1d
implement Kerberos authentication

Add a new Gitorious::Authentication provider, KerberosAuthentication.
Instead of supporting username+password authentication, this module
checks the request.env HTTP request object from Rails.

mod_auth_kerb does not have a "pass-through" mechanism. If you fail
Kerberos auth, then mod_auth_kerb will display a 401 error. This means
that we must use mod_auth_kerb on a URL that will not interfere with
other password-based authentication mechanisms. Add a new "http" action
to the sessions controller to satisfy this requirement. I intend this to
be a general interface for any web server-integrated authentication
mechanism (eg mod_auth_kerb, or mod_ssl, etc).

Add a new "Kerberos" option to the login form.

Add a 401 HTTP error page. The sample Apache configuration shows how to
configure this error page with mod_auth_kerb.

Add some basic tests for the KerberosAuthentication plugin.
app/controllers/sessions_controller.rb
app/views/sessions/new.html.erb
config/authentication.sample.yml
lib/gitorious/authentication/kerberos_authentication.rb [new file with mode: 0644]
public/401.html [new file with mode: 0644]
test/unit/lib/gitorious/authentication/kerberos_authentication_test.rb [new file with mode: 0644]