Single Sign On
    Enterprizzzey ready!




Nikos Dimitrakopoulos | @nikosd
Single Sign On (really)
● Centralized (almost) authentication
● Login once - be logged-in in multiple
  services
● More than just "no password required"
● Single Log Out
● Actual "authenticator" can be an outsider
  (Facebook, Twitter, or whatever...)
shamelessly stolen from http://merbist.com/2012/04/04/building-and-implementing-a-single-sign-on-solution/
Additional specs
●   KISS (reaaaaally simple)
●   DRY
●   Modular
●   Extensible
●   Ruby!
Components
● Standard
● Ruby implementation for standard
● An actual *abstract* server
Standards
●   OpenID
●   OAuth
●   CAS
●   Shibboleth
●   SAML
●   Custom
OpenID
● Decentralization of authentication
● Not about Single Sign On
OAuth
● Authorization
● NOT authentication
CAS
● Not bad...
● With a lot of free implementations :
   ○ RubyCAS-Server
   ○ Jasig CAS (Java)
   ○ ...
Shibboleth
● Actually got integrated in SAML 2.0...
SAML (2.0)
● Complex
● XML based
● (Unhappy face here...)

But :
● Really the only de-facto standard
● Implemented / supported by :
  ○   Google
  ○   Microsoft
  ○   Oracle
  ○   ...
Custom
● http://merbist.com/2012/04/04/building-and-implementing-a-single-sign-on-solution/
● http://blog.joshsoftware.com/2010/12/16/multiple-applications-with-devise-omniauth-and-single-sign-on/

No thanks...
CAS vs SAML 2.0
● Let's go for the interoperability....
● And yes, I suck at XML
RSAML
●   Wrapper library around SAML 2.0
●   Pure ruby
●   Most of the functionality required
●   Untouched for 2 years
●   Now maintained at github.com:rsaml/rsaml
●   Missing some functionality...
Server (codename "russo")
● The actual "server" thing
● WIP (code not released yet)
Russo
●   Rails 3 engine
●   Reeeeeaaally KISS
●   Actually HTTP to SAML 2.0 library
●   SAML 2.0 logic in RSAML
●   No actual auth logic inside :
    ○ Do it on the mounted app
    ○ Use OmniAuth!!!
Russo
● Status : Core functionality should be there
  during this week
● Use cases : Pretty open since most of the
  functionality is done on the mounted app
● Learning curve : Pretty high - understanding
  SAML is required
Why this presentation???
                 Please help!!! :)

● Finish up RSAML
  ○ XML Signing
  ○ Unimplemented features


● Complete Russo
  ○ Single Log Out
  ○ Support for other use cases
  ○ Documentation
