
rubycas-client-rails's Introduction

RubyCAS-Client-Rails

Rails plugin for using the RubyCAS-Client as a controller filter.

This uses a Railtie, so will only work with Rails 3.0 and up.

Installation

Add the following to your Gemfile:

gem 'rubycas-client-rails'

Then run bundler in your Rails app's root directory:

bundle install

Once the necessary gems have been installed, in your application.rb add:

config.rubycas.cas_base_url = 'https://cas.example.com/'

Finally, to enable the CAS filter for a controller:

class MyController < ApplicationController
  before_filter RubyCAS::Filter
end

If you want authentication to be optional, use the GatewayFilter instead:

  before_filter RubyCAS::GatewayFilter

Many other configuration options are available. For example you can instruct the client to log its actions to the default Rails logger using:

config.rubycas.logger = Rails.logger

See the (outdated) documentation at http://rubycas-client.rubyforge.org/ for a full list of config options.

Copyright (c) 2011 University of Toronto, released under the MIT license

rubycas-client-rails's People

Contributors

bryanlarsen, garethrees, pho3nixf1re, sisutcliffe, zuk


rubycas-client-rails's Issues

Use of class level configuration, singleton pattern makes testing difficult

The way the code is put together implies There Will Only Ever Be One Filter.

This is particularly annoying to test, as:

  • You have to proxy the implementation to apply common stubbing techniques (Try RubyCAS::Filter.any_instance.expects(...) for example)
  • @@config is global state
  • The common way in which RubyCAS::Filter is recommended to be used (in a before_filter), and how it relies on the global configuration behaviour is complex

Having looked at the origins of this, I understand it's from the depths of 2006 or earlier, but it could do with a bit of love to remove the singleton nature and configuration pattern in favour of something more DI flavoured.

ie:

    class YourController
      before_filter :configurize, :restrict

      def configurize
        client = CASClient.new()
        @filter = RubyCAS::Filter.new(client, config.rubycas)
      end

      def restrict
        @filter.filter(self)
      end
    end

skip_before_filter doesn't work

Hi,

class ApplicationController < ActionController::Base
  before_filter RubyCAS::Filter
end

class MyController < ApplicationController
  skip_before_filter RubyCAS::Filter

  def index
    # But here before_filter is triggered !
  end
end

How to do that ?

Regards,
Rivsc

Rails 3.1 does not run rubycas filter on non-matching routes, so single sign out fails

The problem is that the CAS server sends single sign out requests to the service URL. If you hard code config.rubycas.service_url this isn't a problem, but we don't want to do that for various reasons.

If you don't set the service_url, rubycas-client uses the current URI. However, typically these URIs are only valid for GET, but single sign out notifications are sent as POST. In Rails 3.0 this wasn't a problem, but Rails 3.1 responds with a 404 to the POST before the CAS filter runs.

rubygems.org

The version on rubygems.org of this gem is quite old. Would be cool to see a new one there! :)

Single Sign Out request requires URI decode

Single Sign Out functionality does not currently work for me. I traced one of the problems to the regexp in RubyCas::Filter#single_sign_out. To get things to work I had to add URI.unescape to the left side of the =~.

pull request to follow

uninitialized constant RubyCAS::GatewayFilter

When trying to use the code
before_filter RubyCAS::GatewayFilter

I get the following error:
uninitialized constant RubyCAS::GatewayFilter

I think this is because the GatewayFilter is incorrectly nested.

I believe that the Filter class isn't closed (ended) until after the GatewayFilter is defined. i.e. the GatewayFilter is an inner class of Filter.

A better way of me showing this is to look at the code at the bottom of the rubycas-client-rails.rb file:

      class GatewayFilter < Filter        #(start the GatewayFilter class)
        def self.use_gatewaying?        #(start the use_gatewaying? method)
          return true unless @@config[:use_gatewaying] == false
        end                                               #(end the use_gatewaying? method)
      end                                                 #(end GatewayFilter class)
    end                                                   #(end Filter class) 
 end                                                     #(end the module RubyCAS)

The code that looks like it is closing the Filter class is actually closing the "class << self" code within Filter.

rubycas-client update seems to cause this

Updating rubycas-client from 2.2.1 to 2.3.1 seems to trigger the following error in rubycas-client-rails.

(undefined method `response' for #<CASClient::ServiceTicket:0xd3aa144>):

Rolling back to 2.2.1 makes the issue go away.

singleton can't be dumped

I am getting the following issue:

Started GET "/" for 127.0.0.1 at 2011-04-12 15:38:32 +0100
Processing by ApplicationController#index as HTML
Guessed service url: "http://localhost:3002/"
Generated login url: http://localhost:3000/login?service=http%3A%2F%2Flocalhost%3A3002%2F
Redirecting to "http://localhost:3000/login?service=http%3A%2F%2Flocalhost%3A3002%2F"
Redirected to http://localhost:3000/login?service=http%3A%2F%2Flocalhost%3A3002%2F
Completed 302 Found in 1ms

Started GET "/?ticket=ST-1302619113r5FBE2774BCA3684F53" for 127.0.0.1 at 2011-04-12 15:38:33 +0100
Processing by ApplicationController#index as HTML
Parameters: {"ticket"=>"ST-1302619113r5FBE2774BCA3684F53"}
Request contains ticket "ST-1302619113r5FBE2774BCA3684F53".
Guessed service url: "http://localhost:3002/"
Requesting CAS response for URI http://localhost:3000/proxyValidate?service=http%3A%2F%2Flocalhost%3A3002%2F&ticket=ST-1302619113r5FBE2774BCA3684F53
CAS server responded with #<Net::HTTPOK 200 OK readbody=true>:

<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationSuccess>
    <cas:user>[email protected]</cas:user>
    <cas:firstname>dsfgg</cas:firstname>
    <cas:surname>dsf</cas:surname>
  </cas:authenticationSuccess>
</cas:serviceResponse>
Ticket "ST-1302619113r5FBE2774BCA3684F53" for service "http://localhost:3002/" belonging to user "[email protected]" is VALID.
Extra user attributes provided along with ticket "ST-1302619113r5FBE2774BCA3684F53": {}.
Rendered application/index.html.erb within layouts/application (1.5ms)
Completed 200 OK in 121ms (Views: 4.3ms | ActiveRecord: 0.0ms)

TypeError (singleton can't be dumped):

Rendered /Users/newbray/.rvm/gems/ruby-1.9.2-p136/gems/actionpack-3.0.6/lib/action_dispatch/middleware/templates/rescues/_trace.erb (0.8ms)
Rendered /Users/newbray/.rvm/gems/ruby-1.9.2-p136/gems/actionpack-3.0.6/lib/action_dispatch/middleware/templates/rescues/_request_and_response.erb (3.9ms)
Rendered /Users/newbray/.rvm/gems/ruby-1.9.2-p136/gems/actionpack-3.0.6/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (9.0ms)

Any ideas? I'm at a loss as to how to solve this.

Thanks

The difference with rubycas-client is not mentioned in the README

I still have no idea what the real difference is, but I'm almost certain this gem is simply a relic from times past.

However, I had still been using it because I simply had no idea I could be using rubycas-client just as well. I migrated my Rails app in a minute or 2.

It would be very helpful if you simply mention at the top of the README what this gem is still good for (old versions of Rails maybe?).

uninitialized constant CGI::Session

When using the single-sign-out, I got the following error: NameError: uninitialized constant CGI::Session in /var/lib/gems/1.9.1/bundler/gems/rubycas-client-rails-cec213ae2fbe/lib/rubycas-client-rails.rb:307:in `rescue in single_sign_out'

/var/lib/gems/1.9.1/bundler/gems/rubycas-client-rails-cec213ae2fbe/lib/rubycas-client-rails.rb:307:in `rescue in single_sign_out'
/var/lib/gems/1.9.1/bundler/gems/rubycas-client-rails-cec213ae2fbe/lib/rubycas-client-rails.rb:302:in `single_sign_out'
/var/lib/gems/1.9.1/bundler/gems/rubycas-client-rails-cec213ae2fbe/lib/rubycas-client-rails.rb:43:in `filter'
activesupport (3.1.0.rc5) lib/active_support/callbacks.rb:313:in `before'
activesupport (3.1.0.rc5) lib/active_support/callbacks.rb:302:in `_callback_before_128'
activesupport (3.1.0.rc5) lib/active_support/callbacks.rb:412:in `_run__4274737423150550086__process_action__3721162684752423431__callbacks'
activesupport (3.1.0.rc5) lib/active_support/callbacks.rb:386:in `_run_process_action_callbacks'
activesupport (3.1.0.rc5) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (3.1.0.rc5) lib/abstract_controller/callbacks.rb:17:in `process_action'
actionpack (3.1.0.rc5) lib/action_controller/metal/rescue.rb:17:in `process_action'
actionpack (3.1.0.rc5) lib/action_controller/metal/instrumentation.rb:30:in `block in process_action'
activesupport (3.1.0.rc5) lib/active_support/notifications.rb:55:in `block in instrument'
activesupport (3.1.0.rc5) lib/active_support/notifications/instrumenter.rb:21:in `instrument'
activesupport (3.1.0.rc5) lib/active_support/notifications.rb:55:in `instrument'
actionpack (3.1.0.rc5) lib/action_controller/metal/instrumentation.rb:29:in `process_action'
actionpack (3.1.0.rc5) lib/action_controller/metal/params_wrapper.rb:202:in `process_action'
activerecord (3.1.0.rc5) lib/active_record/railties/controller_runtime.rb:18:in `process_action'

Missing `before` method when working with Rails 4.1.0-b1

When I put before_filter RubyCAS::Filter in my controller's script, it drops that undefined method `before' for RubyCAS::Filter:Class...

I don't know why but rubycas-client-rails works just fine with Rails 4.0.2 in another app. Could you please help me to figure it out?

undefined method `inject' for true:TrueClass

Hi

I am using rubycas-client-rails 2.3.9 and rubycas-server (1.1.1)

On my rubyserver config file I am using postgres. Also for authentication I am using the postgres db, with a users table, pointing to the name and password columns.

Coming to rubycas-client-rails, in application.rb
I have added this line:
config.rubycas.cas_base_url = "http://192.168.1.52:443" # where cas-server is running

In the home controller,
before_filter RubyCAS::Filter
is added.

When I try to open this home page, my app redirects to the CAS server login page,
and if I give correct credentials it tries to redirect me to the home page of the app,
but as it is trying to redirect to the home path (i.e. http://localhost:3000/users?ticket=ST-1347606610r360A47D0E4A633DED1)

I am getting this error:

NoMethodError (undefined method `inject' for true:TrueClass):

My CAS server log is here:

carmatec-10.local - - [14/Sep/2012:12:40:10 IST] "GET /login?service=http%3A%2F%2Flocalhost%3A3000%2Fusers HTTP/1.1" 303 0

  • -> /login?service=http%3A%2F%2Flocalhost%3A3000%2Fusers
    carmatec-10.local - - [14/Sep/2012:12:40:10 IST] "GET /proxyValidate?service=http%3A%2F%2Flocalhost%3A3000%2Fusers&ticket=ST-1347606610r360A47D0E4A633DED1 HTTP/1.1" 200 175
  • -> /proxyValidate?service=http%3A%2F%2Flocalhost%3A3000%2Fusers&ticket=ST-1347606610r360A47D0E4A633DED1

Here is my local application log:

Started GET "/users?ticket=ST-1347606610r360A47D0E4A633DED1" for 127.0.0.1 at 2012-09-14 12:40:10 +0530
Processing by UsersController#index as HTML
Parameters: {"ticket"=>"ST-1347606610r360A47D0E4A633DED1"}
Request contains ticket "ST-1347606610r360A47D0E4A633DED1".
Guessed service url: "http://localhost:3000/users"
Requesting CAS response for URI http://192.168.1.52:443/proxyValidate?service=http%3A%2F%2Flocalhost%3A3000%2Fusers&ticket=ST-1347606610r360A47D0E4A633DED1
CAS server responded with #<Net::HTTPOK 200 OK readbody=true>:
<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationSuccess>
    <cas:user>devu</cas:user>
  </cas:authenticationSuccess>
</cas:serviceResponse>
Completed in 139ms

NoMethodError (undefined method `inject' for true:TrueClass):

Rendered /usr/local/lib/ruby/gems/1.9.1/gems/actionpack-3.0.5/lib/action_dispatch/middleware/templates/rescues/_trace.erb (2.2ms)
Rendered /usr/local/lib/ruby/gems/1.9.1/gems/actionpack-3.0.5/lib/action_dispatch/middleware/templates/rescues/_request_and_response.erb (5.3ms)
Rendered /usr/local/lib/ruby/gems/1.9.1/gems/actionpack-3.0.5/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (14.4ms)

Post params are included in query params on redirect

When a service URL is generated, it includes any POST parameters in the query parameter. This causes problems when POST params include very large values (for example in file uploads) or many key/value pairs. The specific method: https://github.com/rubycas/rubycas-client-rails/blob/master/lib/rubycas-client-rails.rb#L376 The old implementation is here and correctly only grabs the query params: https://github.com/rubycas/rubycas-client/blob/master/lib/casclient/frameworks/rails/filter.rb#L329
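The behaviour described in this issue, shown beside a query-string-only builder, as an added example that is not code from rubycas-client-rails or rubycas-client. All three helper names are hypothetical, POST parameters are modelled as a plain Hash, and the sample request is constructed.

```ruby
require 'uri'

# Added illustration, not code from rubycas-client-rails. All helper names
# are hypothetical; POST parameters are modelled as a plain Hash.

# The behaviour the issue describes: body parameters end up in the service URL.
def merged_params_service_url(request_url, post_params)
  uri = URI.parse(request_url)
  pairs = URI.decode_www_form(uri.query.to_s) + post_params.to_a
  uri.query = URI.encode_www_form(pairs.reject { |key, _| key == 'ticket' })
  uri.to_s
end

# Query-string-only version: the request body is never an input.
def service_url_for(request_url)
  uri = URI.parse(request_url)
  pairs = URI.decode_www_form(uri.query.to_s)
  # Drop the one-time CAS ticket and empty pairs (e.g. the "&" in "?&sort=x").
  kept = pairs.reject { |key, _| key.empty? || key == 'ticket' }
  uri.query = kept.empty? ? nil : URI.encode_www_form(kept)
  uri.fragment = nil
  uri.to_s
end

# Login redirect in the shape the logs on this page show: <cas>/login?service=...
def login_url_for(cas_base_url, request_url)
  login = URI.join(cas_base_url, 'login')
  login.query = URI.encode_www_form(service: service_url_for(request_url))
  login.to_s
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample request: a form POST carrying a large upload field.
  url  = 'http://localhost:3002/upload?page=2&ticket=ST-EXAMPLE'
  post = { 'comment' => 'hello', 'file' => 'A' * 5000 }
  puts merged_params_service_url(url, post).length
  puts service_url_for(url)
  puts login_url_for('http://localhost:3000/', url)
end
```

Because the service URL travels in the redirect to the CAS server, anything merged into it also shows up in that server's access log, as the `service=` values in the log excerpts on this page do.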

no _dump_data is defined for class Mysql2::Result

Hi,

I was migrating my existing application from 'rails', '3.2.13' to 'rails', '4.1.0.beta1' and also with rvm => ruby '1.9.3' to ruby '2.1.0'

While I was migrating I faced many issues and solved them.. But at this part I could able to get it fixed..

So if anyone has an idea about it, share it :) so that it will be helpful..

Single sign-out: how to specify callback URL

With single sign-out turned on, when I log out via the CAS server (as opposed to one of the consumer applications), the server tries notifying the consumers, using the "service" urls.

These service urls seem to have a fixed value: that that the Rails consumer app had when the before_filter caused a redirection for logging in.

Example:

  • User logged out, has no ticket
  • Tries going to my.app.com/foo
  • Gets redirected to cas.server.com, and the ticket's service value gets bound to my.app.com/foo
  • Uses the app for a while
  • Goes to cas.server.com/logout, logs out
  • Server notifies app, but sends a request to /foo (some arbitrary domain-specific functionality) rather than /logout (which would delete the app's login cookie).

How to supply a custom callback logout URL?
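Three issues on this page concern the same request, the CAS server's single sign-out notification POSTed to the ticket's service URL: this one, the Rails 3.1 routing issue and the URI-decode issue above. As an added example, not code from rubycas-client-rails, here is a Rack-style middleware that handles the notification before routing, on whatever path it arrives. The class name, the `sessions` store, the `sample_env` helper and the sample XML are assumptions or constructed for the illustration.

```ruby
require 'uri'
require 'stringio'

# Added illustration, not code from rubycas-client-rails. The class name and
# the `sessions` store (service ticket => local session id) are assumptions.
class SingleSignOutInterceptor
  FORM = 'application/x-www-form-urlencoded'
  MAX_BODY = 16 * 1024 # a CAS logout notification is a small XML document
  SESSION_INDEX =
    %r{<samlp:SessionIndex>\s*(ST-[A-Za-z0-9._-]{1,256})\s*</samlp:SessionIndex>}

  def initialize(app, sessions)
    @app = app
    @sessions = sessions
  end

  # Rack-style entry point. It sits in front of the router, so the POST is
  # handled on whatever path the ticket's service URL happened to be.
  def call(env)
    ticket = logout_ticket(env)
    return @app.call(env) unless ticket
    @sessions.delete(ticket) # end the local session bound to this ticket
    [200, { 'content-type' => 'text/plain' }, ['']]
  end

  private

  def logout_ticket(env)
    return nil unless env['REQUEST_METHOD'] == 'POST'
    return nil unless env['CONTENT_TYPE'].to_s.start_with?(FORM)
    input = env['rack.input']
    body = input.read(MAX_BODY).to_s
    input.rewind # assumption: rewindable input, so the app can still read it
    # decode_www_form percent-decodes the value before the pattern is applied.
    xml = URI.decode_www_form(body).assoc('logoutRequest')&.last
    xml && xml[SESSION_INDEX, 1]
  rescue ArgumentError
    nil # non-ASCII body: not a form-encoded logout notification
  end
end

# Constructed sample notification in the CAS single sign-out format.
SAMPLE_LOGOUT_XML = <<~XML
  <samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="LR-1" Version="2.0">
    <samlp:SessionIndex>ST-EXAMPLE-0001</samlp:SessionIndex>
  </samlp:LogoutRequest>
XML

# Constructed Rack env for a form POST to `path` (hypothetical helper).
def sample_env(path, body)
  { 'REQUEST_METHOD' => 'POST', 'PATH_INFO' => path,
    'CONTENT_TYPE' => SingleSignOutInterceptor::FORM, 'rack.input' => StringIO.new(body) }
end
```

Multipart uploads and ordinary form posts fall through to the application untouched, since only a form-encoded body with a well-formed `SessionIndex` is consumed.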

Rails 4 app error

Hi mate,

I'm trying to use this gem in a Rails 4 app and I'm seeing this error message after logging in to rubycas-server (i.e. in the return, containing a valid ticket):

NoMethodError (undefined method 'response' for #<CASClient::ServiceTicket:0xba7135bc>):
rubycas-client-rails (0.1.0) lib/rubycas-client-rails.rb:79:in `filter'

Is this error known? Can anyone suggest how to solve it?

Thanks in advance!

private method `gsub' called for nil:NilClass

In 2.3.9, under some circumstances it's possible to trigger the above error.

A NoMethodError occurred in agc#logout:

private method `gsub' called for nil:NilClass
/opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/1.8/cgi.rb:342:in `escape'
vendor/bundle/ruby/1.8/gems/rubycas-client-2.3.9/lib/casclient/client.rb:285:in `hash_to_query'
vendor/bundle/ruby/1.8/gems/rubycas-client-2.3.9/lib/casclient/client.rb:285:in `each'
vendor/bundle/ruby/1.8/gems/rubycas-client-2.3.9/lib/casclient/client.rb:285:in `hash_to_query'
vendor/bundle/ruby/1.8/gems/rubycas-client-2.3.9/lib/casclient/client.rb:283:in `each'
vendor/bundle/ruby/1.8/gems/rubycas-client-2.3.9/lib/casclient/client.rb:283:in `hash_to_query'
vendor/bundle/ruby/1.8/gems/rubycas-client-2.3.9/lib/casclient/client.rb:96:in `logout_url'
vendor/gems/rubycas-client-rails/lib/rubycas-client-rails.rb:234:in `logout'
lib/ruby_cas_proxy.rb:9:in `logout'
app/controllers/agc/agc_controller.rb:13:in `logout'

It looks like https://github.com/rubycas/rubycas-client/blob/v2.3.9/lib/casclient/client.rb#L281 is somehow getting a destination_url which, when parsed, has Nil elements.

Users are typically coming from URIs like:
https://foo.com/path/to/page?&sort=date_received.DESC
