My authentication (signup/login) is up and running in my app, now I need to implement an authorisation system. It's not going to be a complex one. One admin (me) and then normal members and premium members. Any tutorials or tips on a simple way to get this running? Thanks.

-- Posted via http://www.ruby-forum.com/.
Rob Balfour wrote:
> My authentication (signup/login) is up and running in my app, now I need
> to implement an authorisation system. It's not going to be a complex
> one. One admin (me) and then normal members and premium members. Any
> tutorials or tips on a simple way to get this running? Thanks.

See Chad Fowler's Rails Recipes for 2 or 3 different authentication options.

Available Now (!) from the Prags on PDF.

A.
Alan Francis wrote:
> Rob Balfour wrote:
>> My authentication (signup/login) is up and running in my app, now I need
>> to implement an authorisation system. It's not going to be a complex
>> one. One admin (me) and then normal members and premium members. Any
>> tutorials or tips on a simple way to get this running? Thanks.
>
> See Chad Fowler's Rails Recipes for 2 or 3 different authentication
> options.
>
> Available Now (!) from the Prags on PDF.
>
> A.

Yeah I have that - his examples are hard to follow for a newbie like myself. He uses the console to give privileges and doesn't expand his example any further. I have tried the main one but it locks me out of the app completely, so I'm looking for a more simple method!
I have been writing a Rails 1.1.2 plug-in that authenticates a user 
using NTLM on an IIS server.  It all works great with Webrick.  Also my 
logger writes work fine when running with Webrick.  When I switch over 
to Apache/FastCGI on the same box the plug-in doesn't behave as I would
expect and even more disturbing my logger statements aren't writing to 
the log file.  Either the Rails standard log or to the custom mylog.log 
I created just to see if I needed to define my own.  I'm a bit stuck as
to why the app logs just fine in Webrick and not with Apache/FastCGI.
Thanks,
Charles Leeds
require 'logger'

module Authenticate
  # Filter method: sets session["authenticated_user"] from the SQLSession
  # row once the external authenticator has been visited.
  def authenticate
    #mylog = Logger.new("#{RAILS_ROOT}/log/#{RAILS_ENV}")
    mylog = Logger.new("#{RAILS_ROOT}/log/mylog.log")
    mylog.info('Application starting')

    mylog.debug "coming in with session: " + session.inspect

    # We won't bother if the user is already authenticated
    unless session["authenticated_user"]
      # Check to see if we have sent the session_id to the table yet
      unless session["sent_sessionid"]
        mylog.debug "sending session id"
        @url = request.env['REQUEST_URI']
        unless @url =~ /http/i
          @url = 'http://' + request.env['SERVER_NAME'] + request.env['REQUEST_URI']
        end
        # Record the session id and the originally requested URL
        a_session = SQLSession.new(
          :session_id => session.session_id,
          :url => @url,
          :created_at => Time.now
        )
        a_session.save
        session["sent_sessionid"] = true
        redirect_to "http://mckinley/authenticate?session_id=" + session.session_id and return
      else
        # Look the session id up again and take the username from the row
        a_session = SQLSession.find(:first, :conditions => ['session_id = ?', session.session_id])
        if a_session
          session["authenticated_user"] = a_session.username
          #mylog.debug "redirecting to url"
          #redirect_to a_session.url and return
          true
        else
          # No row for this session id: returning true lets the request
          # continue without an authenticated user
          mylog.debug "sent_sessionid is false"
          true
        end
      end
    else
      # session["authenticated_user"] is already set
      mylog.debug "truth or dare!"
      true
    end
  end
end
On Tue, 2006-04-25 at 13:29 +0200, Rob Balfour wrote:
> Alan Francis wrote:
> > Rob Balfour wrote:
> >> My authentication (signup/login) is up and running in my app, now I need
> >> to implement an authorisation system. It's not going to be a complex
> >> one. One admin (me) and then normal members and premium members. Any
> >> tutorials or tips on a simple way to get this running? Thanks.
> >
> > See Chad Fowler's Rails Recipes for 2 or 3 different authentication
> > options.
> >
> > Available Now (!) from the Prags on PDF.
> >
> > A.
>
> Yeah I have that - his examples are hard to follow for a newbie like
> myself. He uses the console to give privileges and doesn't expand his
> example any further. I have tried the main one but it locks me out of
> the app completely, so I'm looking for a more simple method!

----
Agreed. I set up the basic authentication using the methodology in AWDWR. I then switched it to use ruby::LDAP so users authenticate against my LDAP backend but the rest of the 'User' information comes from a 'users' table.

Then I implemented the methodology from Chad's Recipes which was a bunch of work because I hadn't ever fooled with habtm before and that had its own learning curve but I now have it all working. I found the lack of view code examples in Chad's recipe for Rights/Roles somewhat disconcerting but it is surmountable.

Craig
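
A minimal sketch of the roles/rights arrangement Craig describes, sized to the one-admin, member and premium-member case from the original question. This is an added example, not part of the thread and not the Rails Recipes code; it is plain Ruby with hypothetical names (Right, Role, User, authorized?, the role and controller names), where a Rails app would use models joined by has_and_belongs_to_many.

```ruby
# Added example: users have many roles, roles have many rights.
# All class, method, role and controller names here are hypothetical.
Right = Struct.new(:controller, :action)   # action "*" means every action
Role  = Struct.new(:name, :rights)

class User
  attr_reader :login, :roles

  def initialize(login, roles = [])
    @login, @roles = login, roles
  end

  # True only if one of the user's roles carries a matching right.
  def can?(controller, action)
    roles.any? do |role|
      role.rights.any? do |r|
        r.controller == controller && (r.action == "*" || r.action == action)
      end
    end
  end
end

# What a before_filter would call: deny unless a right explicitly grants it.
def authorized?(user, controller, action)
  return false if user.nil?                # nobody logged in
  user.can?(controller, action)
end

# Constructed sample data: three roles, four accounts.
MEMBER  = Role.new("member",  [Right.new("articles", "index"),
                               Right.new("articles", "show")])
PREMIUM = Role.new("premium", [Right.new("downloads", "*")])
ADMIN   = Role.new("admin",   [Right.new("articles", "*"),
                               Right.new("downloads", "*"),
                               Right.new("users", "*")])

ROB     = User.new("rob",     [ADMIN])
ALICE   = User.new("alice",   [MEMBER])
BOB     = User.new("bob",     [MEMBER, PREMIUM])
NEWUSER = User.new("newuser")              # signed up, no roles assigned yet

[[ALICE, "downloads", "show"], [BOB, "downloads", "show"],
 [ALICE, "users", "destroy"],  [ROB, "users", "destroy"],
 [NEWUSER, "articles", "index"], [nil, "articles", "index"]].each do |u, c, a|
  who = u ? u.login : "(anonymous)"
  puts "#{who} #{c}/#{a}: #{authorized?(u, c, a) ? 'allow' : 'deny'}"
end
```

In this model a user with no roles is denied everything, so the admin account needs its role assigned before the check is enforced.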
For anyone else running into this the problem was Apache was not killing the Ruby.exe processes as it ought to. There must have been forty stale Ruby processes and I was getting the old plug-in from one of them. The solution was to either kill them all or reboot.

Charles