require 'omniauth-openid' require 'omniauth-ldap' require 'omniauth-twitter' require 'omniauth-facebook' require 'omniauth-linkedin' require 'omniauth-cas' require 'openid/store/filesystem' Rails.application.config.middleware.use OmniAuth::Builder do provider :open_id, store: OpenID::Store::Filesystem.new('/tmp'), name: 'google_apps', identifier: 'https://www.google.com/accounts/o8/id' provider :open_id, store: OpenID::Store::Filesystem.new('/tmp') provider :LDAP, host: 'ldap.example.com', port: 389, method: :plain, base: 'cn=users,dc=example,dc=com', uid: 'sAMAccountName', domain: '' #, try_sasl: true, sasl_mechanisms: "GSS-SPNEGO" provider :twitter, 'CONSUMER_KEY', 'CONSUMER_SECRET' provider :facebook, 'APP_ID', 'APP_SECRET' provider :linked_in, 'CONSUMER_KEY', 'CONSUMER_SECRET' provider :cas, host: 'cas.yourdomain.com', login_url: 'https://www.example.com/cas' # Other providers will need gems added in your Gemfile, and the provider configured in this block. # https://github.com/intridea/omniauth/wiki/List-of-Strategies end # This list will show the first choice as the default, and the rest as potential secondary login methods. PROVIDERS = [:google_apps, :open_id, :LDAP, :twitter, :facebook, :linked_in, :cas] # LDAP # :port (required) - The LDAP server port. # :method (required) - May be :plain, :ssl, or :tls. # :base (required) - The distinguished name (DN) for your organization; all users should be searchable under this base. # :uid (required) - The LDAP attribute name for the user name in the login form. Typically AD would be 'sAMAccountName' or 'UniquePersonalIdentifier', while OpenLDAP is 'uid'. You can also use 'dn' for the user to put in the dn in the login form (but usually is too long for user to remember or know). # :domain - Enter to keep users from having to enter the LDAP domain, usually in the form domain\username. Backslash will be appended automatically. # :try_sasl - Try to use SASL connection to server. # :sasl_mechanisms - Mechanisms supported are 'DIGEST-MD5' and 'GSS-SPNEGO'