Rails - Mar 2006 - [noob] params vs query string

We''ve got a lot of existing legacy systems, and as a simple  
proof-of-concept I''m trying to get rails to work as an extension for  
these systems in a relatively transparent way.  I''ve got rails running
on another server with access to the same database as the legacy system.  
 I''m simply popping up the rails in a frame on the legacy system, so
the
user can hardly tell that they''ve left the server.

The tricky part is authentication.  I know I can''t read the cookie from
the other domain, so I''m passing the md5 hash in the query string in
the
initial link to the rails app (with a typical ?something=something).   
I''m hoping to be able to access this via the params array, query the  
session table for the user info, and then build another cookie that the  
rails apps can use.  Even merely querying the session table before any  
controller requests and making sure that the hash from the initial URL  
request is present, and checking these before any actions in the  
controller requests, might be sufficient for the time being (not a high  
load system).

My first question is simple -- why aren''t the paramaters I''m
passing in
the params array?  If I print out params I can see that the controller  
and action are in there, but the one paramter I passed in the initial  
url isn''t.  I can parse response.query_string myself to get it, but it
feels like that shoudn''t be necessary.  Is there a better way to get
this?

More generally, has anyone done this sort of authentication.  There  
isn''t any important information in the cookie really.  I just want to
to
verify that the user has a valid login cookie from the other system.  Is  
there a general way I can take the cookie md5 hash passed from the  
initial query request into the rails system, and build a cookie that  
rails will then rely on for authentication?

-- 
Posted with http://DevLists.com.  Sign up and save your time!

Just came across this.  Have you had any luck resolving as of yet?

You should be able to access everything via the params hash.

Try this:

result = @params[:something]

Replace ":something" with the symbol of your query variable.

On 17 Mar 2006 22:08:31 -0000, kevin finn
<devlists-rubyonrails@devlists.com> wrote:
> We''ve got a lot of existing legacy systems, and as a simple
> proof-of-concept I''m trying to get rails to work as an extension
for
> these systems in a relatively transparent way.  I''ve got rails
running
> on another server with access to the same database as the legacy system.
>  I''m simply popping up the rails in a frame on the legacy system,
so the
> user can hardly tell that they''ve left the server.
>
> The tricky part is authentication.  I know I can''t read the cookie
from
> the other domain, so I''m passing the md5 hash in the query string
in the
> initial link to the rails app (with a typical ?something=something).
> I''m hoping to be able to access this via the params array, query
the
> session table for the user info, and then build another cookie that the
> rails apps can use.  Even merely querying the session table before any
> controller requests and making sure that the hash from the initial URL
> request is present, and checking these before any actions in the
> controller requests, might be sufficient for the time being (not a high
> load system).
>
> My first question is simple -- why aren''t the paramaters
I''m passing in
> the params array?  If I print out params I can see that the controller
> and action are in there, but the one paramter I passed in the initial
> url isn''t.  I can parse response.query_string myself to get it,
but it
> feels like that shoudn''t be necessary.  Is there a better way to
get this?
>
> More generally, has anyone done this sort of authentication.  There
> isn''t any important information in the cookie really.  I just want
to to
> verify that the user has a valid login cookie from the other system.  Is
> there a general way I can take the cookie md5 hash passed from the
> initial query request into the rails system, and build a cookie that
> rails will then rely on for authentication?
>
> --
> Posted with http://DevLists.com.  Sign up and save your time!
> _______________________________________________
> Rails mailing list
> Rails@lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>