RubyCAS server gets a new SQL Encrypted Authenticator

The RubyCAS server is a cool little project that implements the Central Authentication Service (CAS) protocol using Ruby with the Camping framework. Basically, it is a really slick and easy way to get single sign-on for all of your apps by keeping the authentication of your users in one central location. This location can be LDAP, a database, etc.
There is also a Ruby client for this protocol, making integration painless.

I first found out about this gem when I was at RubyConf and heard Justin Gehtland present about it. If you are still curious about what CAS is exactly, then you should go check out the Confreaks recording of the presentation.

I have been using the CAS server at work for a bit now in a new app/platform we are currently building. Setting up the server was extremely easy, and the only tweaking we had to do was to make a secure SQL authenticator. The RubyCAS server ships with some default authenticators for all of the different methods, but the SQL one was pretty basic and just used plaintext storage as an example. Since everyone knows that storing passwords in plaintext is a no-no, we (myself and co-worker Jake Cahoon) implemented a simple authenticator for the common case of the users being stored in the database with a salt and SHA hash being used for the passwords. After someone asked about this on the mailing list, we posted our authenticator and client-side code (largely based off of the restful-authentication Rails plugin). Matt Zukowski, the creator of the RubyCAS server, has now refactored our code and merged it into the gem. So getting your apps up and running with single sign-on using a database to store your users has never been easier! Matt even wrote a tutorial about using the new authenticator with the server.
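
To make the salt-plus-SHA check concrete, here is an added example that is not the code merged into the RubyCAS gem: a minimal credential check against rows holding a per-user salt and a SHA digest instead of a plaintext password. The module and method names, the column names, the `salt::password` digest layout and the sample users are all assumptions constructed for illustration.

```ruby
require 'digest'
require 'securerandom'

# Hypothetical helper; the digest layout (salt, "::", password) is an
# assumption for this example, not the format used by the RubyCAS gem.
module SaltedSha
  def self.new_salt
    SecureRandom.hex(16) # random per-user salt, stored next to the digest
  end

  def self.digest(salt, password)
    Digest::SHA256.hexdigest("#{salt}::#{password}")
  end

  # Constant-time comparison, so the check does not reveal how many
  # leading characters of the stored digest matched.
  def self.secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    diff = 0
    a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
    diff.zero?
  end
end

# Build one row of the constructed "users table": the password itself is
# never stored, only the salt and the salted digest.
def build_user(username, password)
  salt = SaltedSha.new_salt
  { username: username, salt: salt,
    encrypted_password: SaltedSha.digest(salt, password) }
end

# Constructed sample data: two users who happen to share a password.
USERS = [build_user('alice', 'correct horse'), build_user('bob', 'correct horse')]

# The authenticator's check: find the row, re-hash the submitted password
# with that row's salt, and compare digests. Unknown users and empty
# passwords are rejected.
def valid_credentials?(users, username, password)
  row = users.find { |u| u[:username] == username }
  return false if row.nil? || password.nil? || password.empty?
  SaltedSha.secure_equal?(row[:encrypted_password],
                          SaltedSha.digest(row[:salt], password))
end

# What a leaked table would expose: true only if the password appears verbatim.
def stores_plaintext?(users, password)
  users.any? { |u| u.values.include?(password) }
end
```

Because each row has its own salt, the two users with the same password end up with different stored digests, and the password never appears in the table.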

