Ask HN? How would you implement SSO for Rails apps?

2 points by jbobo ↗ HN
I've been tasked with building out SSO. It looks like my only real option is implementing a CAS server/client with a paid solution like OneLogin or rbCAS (open).

- https://www.onelogin.com/ - https://github.com/rbCAS/CASino

1. Do I have more options besides the above? If so, which? 2. Is there a better solution besides CAS (http://jasig.github.io/cas/4.0.0/index.html)?

Recommendations are welcome. Thanks in advance.

3 comments

[ 3.6 ms ] story [ 14.1 ms ] thread
(comment deleted)
I had pretty good experience with building authentication/identity providers with Doorkeeper in Rails. Your clients would then use Omniauth or the Oauth2 directly to login via that provider. I'm boarding a plane right now, so that pulling those projects up for you is a bit tedious but just google them. Cheers!
I think you do have options. Take a look at SAML-R (SP) [1] and Ruby SAML IDP (IdP) [2]

They aren't perfect but can get you up and running in relatively short time. They are also excellent in showing how things are done.

I worked with them before - implementing a solution where a single app acted as a SP and IdP in development env (great for validation).

[1] https://github.com/zendesk/samlr [2] https://github.com/lawrencepit/ruby-saml-idp