class ICFS::Web::AuthSsl
Authtication using SSL client certificates - Rack Middleware
Public Class Methods
new(app, map, api)
click to toggle source
New instance
@param app [Object] The rack app @param map [Object] Maps DN to user name @param api [ICFS::Api] the Api
# File lib/icfs/web/auth_ssl.rb, line 30 def initialize(app, map, api) @app = app @map = map @api = api end
Public Instance Methods
call(env)
click to toggle source
Handle requests
Expects SSL_CLIENT_VERIFY to be set to SUCCESS and SSL_CLIENT_S_DN to contain the client subject DN
# File lib/icfs/web/auth_ssl.rb, line 43 def call(env) # check if verified unless env['SSL_CLIENT_VERIFY'] == 'SUCCESS' return [ 400, {'Content-Type' => 'text/plain'}, ['Client certificate required.'] ] end # lookup user = @map[env['SSL_CLIENT_S_DN']] if user.nil? return [ 400, {'Content-Type' => 'text/plain'}, ['%s: No User' % env['SSL_CLIENT_S_DN']] ] end # pass to app begin @api.user = user rescue Error::NotFound, Error::Value => err return [ 400, {'Content-Type' => 'text/plain'}, ['%s: %s' % [err.message, env['SSL_CLIENT_S_DN']]] ] end env['icfs'] = @api return @app.call(env) end