Single Sign On in Ruby - Enterprise Ready!

Single Sign On
Enterprizzzey ready!

Nikos Dimitrakopoulos | @nikosd
Single Sign On (really)
● Centralized (almost) authentication
● Log in once - be logged in to multiple
  services
● More than just "no password required"
● Single Log Out
● Actual "authenticator" can be an outsider
  (Facebook, Twitter, or whatever...)
shamelessly stolen from http://merbist.com/2012/04/04/building-and-implementing-a-single-sign-on-solution/
Additional specs
●   KISS (reaaaaally simple)
●   DRY
●   Modular
●   Extensible
●   Ruby!
Components
● Standard
● Ruby implementation for standard
● An actual *abstract* server
Standards
●   OpenID
●   OAuth
●   CAS
●   Shibboleth
●   SAML
●   Custom
OpenID
● Decentralization of authentication
● Not about Single Sign On
OAuth
● Authorization
● NOT authentication
CAS
● Not bad...
● With a lot of free implementations :
   ○ RubyCAS-Server
   ○ Jasig CAS (Java)
   ○ ...
Shibboleth
● Actually got integrated in SAML 2.0...
SAML (2.0)
● Complex
● XML based
● (Unhappy face here...)

But :
● Really the only de-facto standard
● Implemented / supported by :
  ○   Google
  ○   Microsoft
  ○   Oracle
  ○   ...
Custom
● http://merbist.com/2012/04/04/building-and-implementing-a-single-sign-on-solution/
● http://blog.joshsoftware.com/2010/12/16/multiple-applications-with-devise-omniauth-and-single-sign-on/

No thanks...
CAS vs SAML 2.0
● Let's go for the interoperability....
● And yes, I suck at XML
RSAML
●   Wrapper library around SAML 2.0
●   Pure ruby
●   Most of the functionality required
●   Untouched for 2 years
●   Now maintained at github.com:rsaml/rsaml
●   Missing some functionality...
Server (codename "russo")
● The actual "server" thing
● WIP (code not released yet)
Russo
●   Rails 3 engine
●   Reeeeeaaally KISS
●   Actually HTTP to SAML 2.0 library
●   SAML 2.0 logic in RSAML
●   No actual auth logic inside :
    ○ Do it on the mounted app
    ○ Use OmniAuth!!!
Russo
● Status : Core functionality should be there
  during this week
● Use cases : Pretty open since most of the
  functionality is done on the mounted app
● Learning curve : Pretty high - understanding
  SAML is required
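
An added example, not Russo or RSAML code: the "HTTP to SAML 2.0" step for one case, decoding a SAMLRequest query parameter from the HTTP-Redirect binding and accepting it only from a registered service provider. The entity ID, URLs, size cap and function names are assumptions made for the example.

```ruby
require 'zlib'
require 'uri'
require 'rexml/document'

SAMLP_NS = 'urn:oasis:names:tc:SAML:2.0:protocol'
SAML_NS  = 'urn:oasis:names:tc:SAML:2.0:assertion'
MAX_XML_BYTES = 64 * 1024 # assumed cap on the inflated request

# Constructed registry: entity ID => the only ACS URL responses may go to.
REGISTERED_SPS = {
  'https://app.example.test/saml/metadata' => 'https://app.example.test/saml/acs'
}.freeze

# Constructed sample AuthnRequest (hypothetical service provider).
SAMPLE_REQUEST = <<~XML
  <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
      xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
      ID="_constructed123" Version="2.0" IssueInstant="2012-05-01T12:00:00Z"
      AssertionConsumerServiceURL="https://app.example.test/saml/acs">
    <saml:Issuer>https://app.example.test/saml/metadata</saml:Issuer>
  </samlp:AuthnRequest>
XML

# SP side of the HTTP-Redirect binding: raw DEFLATE, base64, URL-encode.
def encode_redirect_param(xml)
  deflater = Zlib::Deflate.new(Zlib::BEST_COMPRESSION, -Zlib::MAX_WBITS)
  deflated = deflater.deflate(xml, Zlib::FINISH)
  deflater.close
  URI.encode_www_form_component([deflated].pack('m0'))
end

# IdP side: undo the encoding with a size cap, then accept the request only
# if it is an AuthnRequest from a registered issuer with the registered ACS.
# Signatures are not checked here; the allow-list is what keeps an unsigned
# request from steering the response to an arbitrary URL.
def decode_authn_request(param)
  raw = URI.decode_www_form_component(param).unpack1('m')
  xml = String.new
  Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate(raw) do |chunk|
    xml << chunk
    raise ArgumentError, 'request too large' if xml.bytesize > MAX_XML_BYTES
  end
  raise ArgumentError, 'DTD not allowed' if xml.include?('<!DOCTYPE')

  root = REXML::Document.new(xml).root
  unless root && root.name == 'AuthnRequest' && root.namespace == SAMLP_NS
    raise ArgumentError, 'not a SAML 2.0 AuthnRequest'
  end
  node = REXML::XPath.first(root, 'saml:Issuer', 'saml' => SAML_NS)
  issuer = node ? node.text.to_s.strip : ''
  expected = REGISTERED_SPS.fetch(issuer) { raise ArgumentError, 'unknown issuer' }
  acs = root.attributes['AssertionConsumerServiceURL']
  raise ArgumentError, 'ACS URL mismatch' if acs && acs != expected

  { id: root.attributes['ID'], issuer: issuer, acs_url: expected }
end

if __FILE__ == $PROGRAM_NAME
  p decode_authn_request(encode_redirect_param(SAMPLE_REQUEST))
end
```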
Why this presentation???
                 Please help!!! :)

● Finish up RSAML
  ○ XML Signing
  ○ Unimplemented features


● Complete Russo
  ○ Single Log Out
  ○ Support for other use cases
  ○ Documentation
