mini Auth CAS on Yaws
Eric Cestari - cstar - April 03, 2008Yaws, câest le serveur web écrit en erlang, célèbre pour ce graphe qui montre comment Yaws met sa pâté à Apache.
Voici le client minimal permettant de s’authentifier sur un serveur CAS.
A sauver dans un fichier cas.yaws à mettre dans le /var/yaws (document root par défaut).
N’oubliez pas d’adapter CASHOST et SERVICE à votre configuration.
<erl>
-define(CASHOST, "http://localhost:8080/cas/").
-define(SERVICE, "service=http://localhost:5224/cas.yaws").
-include_lib("xmerl/include/xmerl.hrl"). out(A)-> H = A#arg.headers, C = H#headers.cookie, inets:start(), case yaws_api:find_cookie_val("casuser", C) of []-> check_auth(A); Cookie -> {ok, Username} = yaws_api:cookieval_to_opaque(Cookie), {html, "Authentified as "++Username} end. check_auth(A)-> case queryvar(A,"ticket") of {ok, Ticket}-> case verify_ticket(Ticket) of {ok, Username} -> Cookie = yaws_api:new_cookie_session(Username), CO = yaws_api:setcookie("casuser",Cookie,"/"), [{html, "Authentified as "++Username}, CO]; {error, Reason} -> [{status, 403},{html, "Unauthorized : "++Reason}] end; undefined -> {redirect, ?CASHOST ++ "login?" ++ ?SERVICE } end. verify_ticket(Ticket) -> inets:start(), Url =?CASHOST++"proxyValidate?"++?SERVICE++"&ticket;="++Ticket, {ok, {_Status, _Headers, Body}} = http:request(Url), { Xml, _Rest } = xmerl_scan:string(Body), inets:stop(), case xmerl_xpath:string("//cas:user/text()",Xml) of [ #xmlText{value=Username} ] -> {ok, Username}; [] -> {error, "invalid ticket " ++ Url} end.
</erl>
Tant qu’on est sur le sujet, il y a un article très intéressant sur le REST dans Yaws chez InfoQ.
Categories: Blogs Eric Cestari
Comments
No comments so far, you could be the first.Add comment
Erlang on Twitter
» erlang (Andreas Åkre Solberg): jQuery Scroll Path Plugin http://t.co/DHZ0W36c via @JoelBesada
» martyns (martynas): fighting with load bursts. probably its time to deploy https://t.co/xJxKcRmQ. #erlang
» Louellaoqk (Louella Delaroca): Informationsmanagement in Hochschulen (German Edition): Die Informations- und Kommunikationstechnik (IuK) erlang… http://t.co/95UJGZS3
» fgtrjhyu (アスパラガー): 多分「どうでもいい」だと思うんだ。 Smalltalk→Obj…C erlang→node.jsと同じで。
» zbyszek (Zbyszek Żółkiewski): RT @michalptaszek: Going to give #ejabberd tutorial on @erlangfactory in SF this March :) Anyone?
http://t.co/0bnFtIKf #xmpp #erlang
» jeedee (jeedee): Erlang, y u so fast?
» michalptaszek (Michal Ptaszek): Going to give #ejabberd tutorial on @erlangfactory in SF this March :) Anyone?
http://t.co/0bnFtIKf #xmpp #erlang
» FrancescoC (Francesco Cesarini): Woot! RT @valdo404: Practical Erlang Programming at #QConLondon I want to go there
» kvakvs (Dmytro Lytovchenko): @2chso Чешутся руки написать клон вакабы на Erlang, которую можно кинуть на Амазон S3 и выдержать любой ддос. А чё есть смысл делать?
» tom_harper (Tom Harper): Why oh why did Erlang decided to use {} for *tuples*
Statistics
Number of aggregated posts: 10456
Number of comments: 1443
Most recent article: February 06, 2012
Latest comments
» tandblekning easewhite on 08 February 2012: Erlang Express 3-day Course in San Francisco on 8 February: ncomprehensible to me now, but in general, the usefulness and significance is overwhelmingtandblekning easewhite
» chameleonnation on TextOne HD for webOS: There hit been whatsoever tallish stories of liveness against all tbe ratio and mythical whimsy. But there are communicator stories…
» questlearning on TextOne HD for webOS: And Get is now out of the see in see of untold stories yet the inform is in dreadful impoverishment of utilise and assets