What are folks doing for their authorization control in their RoR applications. I am currently looking at the following resources http://www.billkatz.com/authorization (authorization plugin) http://perens.com/FreeSoftware/ModelSecurity/Tutorial.html (model security) I imagine that most people are using acts_as_authenticated and the authorization plugin to implement the authentication/authorization. Any feedback would be appreciates? cheers </jima> --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
wiz561-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
2007-Apr-03 16:29 UTC
Authentication and Authorization
Hi! I have a question about authentication and authorization. I would like to authenticate users through apache, and pass their username across into rails. In rails, I have a table in my database called ''people'', a table called ''groups'', and a table called ''results''. I would like rails to look up the group_id in the people table, and filter rows in the ''results'' table based on the group_id. I also have a ''group_id'' in the results table. So, for example, if my login name was ''bob'' and my group was ''hr'' with a group id of ''1'', it would have ''bob'' and ''1'' in the people table, ''1'' ''hr'' in the group table, and ''1'' in the results table. Then, when bob logs in, he would see just ''hr'' information from the results table. I was hoping somebody could recommend something or a ''howto'' to do this. I stumbled upon some authentication programs, but it seems like they are either too advanced or either allow or deny somebody. Thanks in advanced.... --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Check out Coda Hale''s Simple HTTP Auth plugin. You should be able to accomplish what you want with it. http://blog.codahale.com/2006/05/11/basic-http-authentication-with-rails-simple_http_auth/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---