0.08
No release in over 3 years
Low commit activity in last 3 years
There's a lot of open issues
OmniAuth WS-Federation strategy enabling integration with Windows Azure Access Control Service (ACS), Active Directory Federation Services (ADFS) 2.0, custom Identity Providers built with Windows Identity Foundation (WIF) or any other Identity Provider supporting the WS-Federation protocol.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

~> 0.6, >= 0.6.2
~> 10.1, >= 10.1.0
~> 2.12, >= 2.12.0

Runtime

~> 1.2, >= 1.2.2
~> 0.1, >= 0.1.2
 Project Readme

OmniAuth WS-Fed

Gem Version Code Climate Build Status

The OmniAuth-WSFed authentication strategy can be used with the following technologies under scenarios requiring the WS-Federation protocol for authentication. These services are typically used for Identity Federation and Single Sign-On across large organizations or authentication domains.

Installation

Add this line to your application's Gemfile:

    gem 'omniauth-wsfed'

And then execute:

$ bundle install

Or install it globally as:

$ gem install omniauth-wsfed

Configuration

Use the WSFed strategy as a middleware in your application:

require 'omniauth'

use OmniAuth::Strategies::WSFed,
  :issuer_name           => "http://your-azure-acs-namespace.accesscontrol.windows.net",
  :issuer                => "https://your-azure-acs-namespace.accesscontrol.windows.net/v2/wsfederation",
  :realm                 => "http://my.relyingparty/realm",
  :reply                 => "http://localhost:3000/auth/wsfed/callback",
  :id_claim              => "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
  :idp_cert_fingerprint  => "FC96D2983…"

or in your Rails application:

in Gemfile:

gem 'omniauth-wsfed'

and in config/initializers/omniauth.rb:

Rails.application.config.middleware.use OmniAuth::Builder do

  provider :wsfed,
    :issuer_name           => "http://your-azure-acs-namespace.accesscontrol.windows.net",
    :issuer                => "https://your-azure-acs-namespace.accesscontrol.windows.net/v2/wsfederation",
    :realm                 => "http://my.relyingparty/realm",
    :reply                 => "http://localhost:3000/auth/wsfed/callback",
    :id_claim              => "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
    :idp_cert_fingerprint  => "FC96D2983…"

end

Configuration Options

  • :issuer_name - The URI name of your Identity Provider (IdP). Required

  • :issuer - The IdP web endpoint (URL) to which the authentication request should be sent. Required.

  • :idp_cert_fingerprint - The SHA1 fingerprint of the IdP's signing certificate (e.g. "90:CC:16:F0:8D:…"). This is provided by the IdP when setting up the trust relationship. This option or :idp_cert must be present.

  • :idp_cert - The IdP's certificate in PEM format. This option or :idp_cert_fingerprint must be present.

  • :realm - Your site's security realm. This is a URI defining the realm to which the IdP must issue a secure token. Required

  • :reply - The reply-to URL in your application for which a WSFed response should be posted. Defaults to the OmniAuth callback URL. Optional

  • :id_claim - Name of the authentication claim that you want to use as OmniAuth's uid property.

  • :saml_version - The version of SAML tokens. Defaults to 2.

Authors and Credits

Authored by Keith Beckman.

Special thanks to the developers of the following projects from which I borrowed from for omniauth-wsfed: