Ken, Great work! I know next to nothing about Kerberos, but it's been on my todo list for a while to investigate how to support it in Gitorious.
I see that you had to do quite some legwork to allow for an authentication API that doesn't require an explicit username and password. I'd really prefer a single authentication API than branching logic in the client code. The authentication modules probably should take a single parameter, not an explicit username/password combination. This way, "your" module would receive the HTTP request as its parameter to authenticate (instead of the separate authenticate_http method). We'll just wrap the existing email address/password combination into an object and pass that to the other authentication modules, eg.: module Gitorious module Authentication class DatabaseAuthentication def authenticate(credentials) User.authenticate(credentials.username, credentials.password) end end end end I'm thinking that this would make your code even easier to read, what do you think? And again: thanks! We really appreciate this. Cheers, - Marius On Fri, Apr 13, 2012 at 1:52 AM, Ken Dreyer <ktdre...@ktdreyer.com> wrote: > On Wed, Apr 11, 2012 at 8:10 PM, Ken Dreyer <ktdre...@ktdreyer.com> wrote: > > I recently hacked Kerberos authentication onto the Gitorious web > interface. > > I ended up implementing this in a less hackish way, with a proper > Gitorious::Authentication::KerberosAuthentication module. The core > code changes are not as daunting now. > > I added a "authenticate_http" method to the main > Gitorious::Authentication module, to support authentication modules > that do not use a username+password combination. > > Lastly, I added an "http" method to the sessions controller, which > will handle single sign-on authentication. > > Patch against master is attached. > > -- > To post to this group, send email to gitorious@googlegroups.com > To unsubscribe from this group, send email to > gitorious+unsubscr...@googlegroups.com > -- Marius Mårnes Mathiesen Rubyist, Shortcut AS Tel.: (+47) 92 60 95 38. http://shortcut.no -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com