All posts by Dave Sahil

Gamer, Programmer, Open Source Evangelist

Cut Rubies With Ease.. Through RVM!

I have been out of touch with Ruby for quite a long time now, all thanks to my pathetic job!

In the meanwhile a lot of things have happened, like Ruby1.9.2 is finally out, and along came the even more awaited Rails 3.0

So, last weekend I made up my mind to take the plunge and set off to setup everything up and running. But as soon as I learned that my distro still doesn’t have the pkgs of the latest ruby and rubygems, I almost stopped dead in my tracks..

But then I found about RVM and everything changed. Yes.. RVM as you might have guessed is a Ruby Version Manager. RVM doesn’t work like any other pkg, its tightly integrated with the shell you use.

RVM empowers you to install and use multiple versions of ruby at the same time.
$rvm install [ruby version]

You can switch to different ruby versions, just like that..
$rvm [ruby version]

You can set a default ruby version to use whenever you open a shell
$rvm –default [ruby version]

RVM also enables you to easily manage all your gems specific to different versions of ruby.

RVM saved the day for me, and it can do it for you. For more info on RVM, checkout this link – http://rvm.beginrescueend.com/

Decoding the SSO

2 Comments

I found this a year ago but i am sharing it now!
When i was developing multiple RoR apps about a year ago, there was one basic requirement, that of a SSO solution.

Err…. i hope you guys know what SSO is?
Well for those of you who are clueless, SSO stands for Single Sign-On.

Yes, SSO is one of the most important requirements of modern web apps. SSO enables a user to use multiple apps with a single username/password and the user needs to authenticate only once to use all the connected apps.

Take the example of Google! Have you ever wondered how you can directly access (without requiring to re-enter your credentials) your orkut/picassa account, when a moment back you were using gmail. Yes Google uses SSO!

Now for the decoding part, this is how Google does it:

Have you ever observed closely, what happens whenever you try to access any of the Google services for the first time?
The first request is always redirect to google’s main domain (i.e google.com) along with a set of parameters:
1. service -> which tells the service being requested
2. continue -> which tells the web location where the request should be forwarded after it is authenticated on the main domain

There are a few more parameters, but the above two are the most important.

Once you authenticate yourself on any google service, a cookie is created on the main domain. This cookie is checked whenever you try to access some other google service for the first time.
Once your identification is established on the main domain, another cookie with similar info is set on the service/webapp you are accessing (e.g. mail.google.com / orkut.com / blogger.com)
So, the subsequent requests to the same webapp, need not be redirected to the main domain for authentication!

The reverse happens, when you logout of a google service. The cookie on the current app is removed and then the request is forwarded to main domain to remove the cookie over there as well.
This makes sure that you logout of all the google services at one go!

For more info, on how you can implement SSO in your webapps, refer to these links:

http://www.jasig.org/cas
http://code.google.com/p/rubycas-server/
http://code.google.com/p/rubycas-client/