Satya's blog - Rails with Shibboleth headers

Sep 02 2009 10:32	Rails with Shibboleth headers	[link]

Phusion Passenger 2.2.3 (although I'm running 2.2.4 or 2.2.5, via gem) has a mis-feature where it sets the environment variables on startup only. This means every request to Rails gets the same set of environment variables.

Shibboleth recommends not turning on request headers (don't do ShibUseHeaders On), as that's slightly insecure. They say use the environment variables instead. In Rails terms, ENV['Shib-EduPerson-Principal-Name'].

But these two things together means every Rails request thinks it's being made by the same person!

So, turn Shibboleth headers on (ShibUseHeaders On) and use request.env['HTTP_SHIB_EDUPERSON_PRINCIPAL_NAME'] instead. Sigh.

Update: I almost wish I could do Rails-style simple_format in Perl.

Last updated: Sep 02 2009 10:38

Tag: geeky bug

RSS feed
Livejournal

Up one level
Tree view
Blog main page
Tags
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012