Has anyone been able to get some sort of Active Directory auto login functionality working in a rails app? Doesn't IE make available some kind of ldap token that I could grab?
Thanks, Kevin
You're thinking about Kerberos.
If you're using Apache as a web server then you can use something like http://modauthkerb.sourceforge.net/ to authenticate the user and pass the username through to as a variable.
I don't want apache handling authentication for me, my rails app is handling authentication. What I want is if the user is logged into the domain and using IE, be able to grab their active directory username. And if they aren't using IE, my rails app will present them with a login form.
Thanks, Kevin
Yes. What you're talking about is Integrated Windows Authentication (i.e. SPNEGO). This is basically Internet Explorer passing Kerberos or NTLM tokens if the web server supports it or falling back to HTTP Basic auth otherwise.
This means that either your rails app needs to be able to talk SPNEGO itself (which would be complicated to implement) or you have to rely on the web server for authentication. Once the web server has done the authentication you can read the username in your rails app through a HTTP environment variable.
I know thats not precisely what you want, but that is what is available.
Matthew