README in rubycas-client-0.10.1 vs README in rubycas-client-0.11.0

- old
+ new

@@ -1,8 +1,8 @@ = RubyCAS-Client -Author:: Ola Bini <ola.bini AT ki DOT se>, Matt Zukowski <matt AT roughest DOT net>, Matt Walker <mwalker AT tamu DOT edu> +Author:: Matt Zukowski <matt AT roughest DOT net>, Ola Bini <ola.bini AT ki DOT se>, Matt Walker <mwalker AT tamu DOT edu> Copyright:: (c) 2006 Karolinska Institutet, portions (c) 2006 Urbacon Ltd. License:: GNU Lesser General Public License v2.1 (LGPL 2.1) Website:: http://rubyforge.org/projects/rubycas-client and http://code.google.com/p/rubycas-client === RubyCAS-Client is a Ruby client library for Yale's Central Authentication Service (CAS) protocol. @@ -20,19 +20,20 @@ This CAS client library is designed to work easily with Rails, but can of course be used elsewhere. == Installing You can always download the latest version of RubyCAS-Client from the project's rubyforge page at http://rubyforge.org/projects/rubycas-client. -However probably the easiest way to install CAS support into your Rails app is via the plugins facility: +However, probably the easiest way to install CAS support into your Rails app is via the plugins facility: - ./script/plugin install http://rubycas-client.rubyforge.org/plugin/rubycas-client + ./script/plugin install http://rubycas-client.googlecode.com/svn/trunk/rubycas-client Alternatively, the library is also available as a gem, which can be installed by: gem install rubycas-client -The latest development version is availabe via subversion: +If your Rails application is under subversion control, you can also install the plugin as an external, which will ensure that +you are always up to date: ./script/plugin install -x http://rubycas-client.googlecode.com/svn/trunk/rubycas-client Please contact the developers via the {rubyforge.org page}[http://rubyforge.org/projects/rubycas-client] if you have bug fixes or enhancements you would like to contribute back. 
@@ -43,11 +44,17 @@ Somewhere in your <tt>config/environment.rb</tt> file add this (assuming that you have RubyCAS-Client installed as a plugin, otherwise you'll need to <tt>require 'cas_auth'</tt> and <tt>require 'cas_proxy_callback_controller'</tt>): CAS::Filter.cas_base_url = "https://login.example.com/cas" + +You will also probably (but not necessarily) need to specify the server name where your CAS-protected app is running: + CAS::Filter.server_name = "yourapplication.example.com:3000" + +The above setting might not be necessary if your application is running on the standard port 80. + Then, in your <tt>app/controllers/application.rb</tt> (or in whatever controller you want to add the CAS filter for): before_filter CAS::Filter That's it. You should now find that you are redirected to your CAS login page whenever you try to access any action 
@@ -125,17 +132,21 @@ Once your user logs in to CAS via your application, you can do the following to obtain a service ticket that can then be used to authenticate another application: service_uri = "http://some.other.application" proxy_granting_ticket = session[:casfilterpgt] - ticket = CAS::Filter.request_proxy_ticket(service_uri, proxy_granting_ticket) + ticket = CAS::Filter.request_proxy_ticket(service_uri, proxy_granting_ticket).proxy_ticket -<tt>ticket</tt> should now contain a valid service ticket. You can use it to authenticate your other by sending it and the service URI +<tt>ticket</tt> should now contain a valid service ticket. You can use it to authenticate by sending it and the service URI as query parameters to your target application: - http://some.other.application?service=#{ticket.target_service}&ticket=#{ticket.proxy_ticket} + http://some.other.application?service=#{CGI.encode(ticket.target_service)}&ticket=#{ticket.proxy_ticket} -This is of course assuming that some.other.application is also protected by the CAS filter. +This is of course assuming that some.other.application is also protected by the CAS filter. +Note that you should always URI-encode your service parameter inside URIs! + +Note that CAS::Filter#request_proxy_ticket actually returns a CAS::ProxyTicketRequest object, which is why we need to call +#proxy_ticket on it to retrieve the actual service ticket. For extra security -- and you will likely want to do this on production machines in the wild -- in the proxied app's configuration (some.other.appliction in this example) you can specify the list of authorized proxies. For example, on your proxied app the CAS configuration might look something like this: \ No newline at end of file
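Review bot: In the `@@ -20,19 +20,20 @@` hunk, both `./script/plugin install` commands now fetch `http://rubycas-client.googlecode.com/svn/trunk/rubycas-client`, and the removed sentence was the only place the README said this URL is the development version. With `-x` described as ensuring "you are always up to date", an application would pick up every trunk change to its authentication filter without review, over plain `http://`. Please keep a sentence saying that trunk is the development line. Also recommend a pinned release for production, either the gem at a fixed version or the external pinned to a known revision.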
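Review bot: In the `@@ -43,11 +44,17 @@` hunk, the new `CAS::Filter.server_name` paragraph says the setting is needed "probably (but not necessarily)" and "might not be necessary" on port 80. It never says what the filter uses for the server name when the setting is absent. A deployer cannot tell from this text whether leaving it unset is safe. Please document the fallback behaviour, and consider recommending that `server_name` always be set explicitly. The example value includes a port (`yourapplication.example.com:3000`), so it would also help to say whether the port is required or optional in this setting.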
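Review bot: In the `@@ -125,17 +132,21 @@` hunk, the assignment now ends in `.proxy_ticket`, so `ticket` holds the ticket itself, yet the URL example two lines later still calls `ticket.target_service` and `ticket.proxy_ticket` as if `ticket` were the `CAS::ProxyTicketRequest` object that the added note describes. Either keep the request object in its own variable and read both values from it, or build the URL from `service_uri` and `ticket` directly. Two smaller points on the same lines: as far as I know, the escaping method in Ruby's standard `CGI` class is `CGI.escape`, not `CGI.encode`, so please check that call. The advice to "always URI-encode your service parameter" is applied to `service` but not to the `ticket` value in the same query string. The note also writes `CAS::Filter#request_proxy_ticket` (instance-method notation) while the example calls it as `CAS::Filter.request_proxy_ticket`.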