Okay, so I''m migrating my system over to being more RESTful and quite enjoying the process. The obvious thing that happens is you start thinking about how easy it is for everything to start using the rails rest interfaces for getting and manipulating data. But what happens when I want to control who can call an update or delete? In rails I''d have a before_filter to check authorisation, but what happens with some other application trying to consume my service that hasn''t neccessarily logged in to the web page? How could I replicate the login process in something outside of rails to make the most of the REST services I''m creating? Thanks, Glenn --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Glenn,> Okay, so I''m migrating my system over to being more RESTful[snip]> But what happens when I want to control who can call an update or > delete? In rails I''d have a before_filter to check authorisation, but > what happens with some other application trying to consume my service > that hasn''t neccessarily logged in to the web page? > > How could I replicate the login process in something outside of rails > to make the most of the REST services I''m creating?You could use an HTTP Authentication scheme (Basic or Digest), such as the one provided by the restful_authentication plugin[1] for both HTML and XML requests. I am assuming your services use XML to talk to each other... [1] http://www.agilewebdevelopment.com/plugins/restful_authentication -christos --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Christos, Thanks for that, I''ll look into it. Glenn --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---