require 'krb5_auth' # This module is responsible for adding Kerberos functionality to Authlogic. Checkout the README for more info and please # see the sub modules for detailed documentation. module AuthlogicKerberos # This module is responsible for adding in the Kerberos functionality to your models. It hooks itself into the # acts_as_authentic method provided by Authlogic. module ActsAsAuthentic # Adds in the neccesary modules for acts_as_authentic to include def self.included(klass) klass.class_eval do extend Config add_acts_as_authentic_module(Methods, :prepend) end end module Config def authenticate_with_kerberos(value=nil) config(:authenticate_with_kerberos, value, false) end alias_method :authenticate_with_kerberos=, :authenticate_with_kerberos # Set to a path to enable caching. %u will be replaced with the username def kerberos_cache_path(value=nil) config(:kerberos_cache_path, value, false) end alias_method :kerberos_cache_path=, :kerberos_cache_path end module Methods # This is where all of the magic happens. This is where we hook in and add all of the Kerberos sweetness. def save(perform_validation = true, &block) return false if perform_validation && block_given? && authenticate_with_kerberos? && !authenticate_with_openid result = super yield(result) if block_given? result end private def authenticate_with_kerberos krb5 = Krb5Auth::Krb5.new begin krb5.get_init_creds_password(self.login, self.password) rescue Krb5Auth::Krb5::Exception return false else return true ensure krb5.close end end def using_kerberos? self.class.authenticate_with_kerberos end def authenticate_with_kerberos? session_class.activated? && using_kerberos? end end end end