Presentation: "Security (CAS and OpenID)"
Time: Friday 11:00 - 12:00
Location: Franciscan II
When developing a Rails application, step 2 is almost always > >script/plugin install acts_as_authenticated. Then, you create a few tables that store your users and their hashed passwords. This is all well and good when you are creating standalone web applications. In a large enterprise setting, though, chances are high that you'll want to integrate your Rails application into existing authentication mechanisms, or even a single sign-on infrastructure.
In this talk, we'll examine two open solutions to distributed identity and their Rails integration components. We'll look at the OpenID system, a free system for public identity management, and CAS (Central Authentication Service), an open-source private identity management solution originally written at Yale. In addition, we'll talk about other authentication integration strategies, like LDAP and NTLM support. The goal is to discover that Rails (and Ruby) apps don't have stand alone in a secured enterprise environment, but can play with everyone else is the same pool.