

Ask HN? How would you implement SSO for Rails apps? - jbobo

I&#x27;ve been tasked with building out SSO. It looks like my only real option is implementing a CAS server&#x2F;client with a paid solution like OneLogin or rbCAS (open).<p>- https:&#x2F;&#x2F;www.onelogin.com&#x2F;
- https:&#x2F;&#x2F;github.com&#x2F;rbCAS&#x2F;CASino<p>1. Do I have more options besides the above? If so, which?
2. Is there a better solution besides CAS (http:&#x2F;&#x2F;jasig.github.io&#x2F;cas&#x2F;4.0.0&#x2F;index.html)?<p>Recommendations are welcome. Thanks in advance.
======
tamersalama
I think you do have options. Take a look at SAML-R (SP) [1] and Ruby SAML IDP
(IdP) [2]

They aren't perfect but can get you up and running in relatively short time.
They are also excellent in showing how things are done.

I worked with them before - implementing a solution where a single app acted
as a SP and IdP in development env (great for validation).

[1] [https://github.com/zendesk/samlr](https://github.com/zendesk/samlr) [2]
[https://github.com/lawrencepit/ruby-saml-
idp](https://github.com/lawrencepit/ruby-saml-idp)

------
walski
I had pretty good experience with building authentication/identity providers
with Doorkeeper in Rails. Your clients would then use Omniauth or the Oauth2
directly to login via that provider. I'm boarding a plane right now, so that
pulling those projects up for you is a bit tedious but just google them.
Cheers!

