Windows Domain Authentication with Rails 4
Jason Douglas of Microsoft (yah, that’s right, Microsoft) has posted a fantastic article over on the Rails wiki on how to do integrated Windows domain authentication with Rails. A must read for anyone stuck at a Windows shop (like me) trying to “sneak Ruby through the system” (like me).
Thanks Jason!
Please, please note the second bullet point: Your page should be encrypted.
This is Windows authentication all right, but it is not "Integrated". The user still has to enter the password. You get "Single" Sign-On only to the effect that the user has one password to remember, not that (s)he has to enter it only once.
IMHO, this is bad security practice, because it teaches the user to enter their password into various sites that simply ask for it.
A better solution would have been to call the SSPI functions to perform a handshake with the login token.
Thanks for the write-up.
By virtue of human reason, Galileo tells us that the Antinomies, indeed, are by their very nature contradictory.
Noetic acts call our attention to the fact that I, the meditating phenomenologist, set myself the all-embracing task of uncovering������� myself by a freely actualizable return to multiplicities of the repeatable act of grounding of noetic acts.