Rails - Apr 2006 - Authorisation question

My authentication (signup/login) is up and running in my app, now I need 
to implement an authorisation system.  Its not going to be a complex 
one.  One admin (me) and then normal members and premium members.  Any 
tutorials or tips on a simple way to get this running? Thanks.

-- 
Posted via http://www.ruby-forum.com/.

Rob Balfour wrote:
> My authentication (signup/login) is up and running in my app, now I need 
> to implement an authorisation system.  Its not going to be a complex 
> one.  One admin (me) and then normal members and premium members.  Any 
> tutorials or tips on a simple way to get this running? Thanks.
See Chad Fowlers Rails Recipes for 2 or 3 different authentication 
options.

Available Now (!) from the Prags on PDF.

A.

-- 
Posted via http://www.ruby-forum.com/.

Alan Francis wrote:
> Rob Balfour wrote:
>> My authentication (signup/login) is up and running in my app, now I
need
>> to implement an authorisation system.  Its not going to be a complex 
>> one.  One admin (me) and then normal members and premium members.  Any 
>> tutorials or tips on a simple way to get this running? Thanks.
> 
> See Chad Fowlers Rails Recipes for 2 or 3 different authentication 
> options.
> 
> Available Now (!) from the Prags on PDF.
> 
> A.
Yeah I have that - his examples are hard to follow for a newbie like 
myself.  He uses the console to give privileges and doesn''t expand his 
example any further. I have tried the main one but it locks me out of 
the app completely, so Im looking for a more simple method!

-- 
Posted via http://www.ruby-forum.com/.

I have been writing a Rails 1.1.2 plug-in that authenticates a user 
using NTLM on an IIS server.  It all works great with Webrick.  Also my 
logger writes work fine when running with Webrick.  When I switch over 
to Apache/FastCGI on the same box the plug-in doesn''t behave as I would
expect and even more disturbing my logger statements aren''t writing to 
the log file.  Either the Rails standard log or to the custom mylog.log 
I created just to see if I needed to define my own.  I''m a bit stuck as
to why the app logs just fine in Webrick and not with Apache/FastCGI.

Thanks,

Charles Leeds


module Authenticate
  def authenticate
    #mylog = Logger.new("#{RAILS_ROOT}/log/#{RAILS_ENV}")
    mylog = Logger.new("#{RAILS_ROOT}/log/mylog.log")
    mylog.info(''Application starting'')
 
 
    mylog.debug "coming in with session: " + session.inspect
   
   
   
    # We won''t bother if the user is already authenticated
    unless session["authenticated_user"]
      # Check to see if we have sent the session_id to the table yet
      unless session["sent_sessionid"]
        mylog.debug "sending session id"
        @url = request.env[''REQUEST_URI'']
        unless @url =~ /http/i
          @url = ''http://'' +
request.env[''SERVER_NAME''] +
request.env[''REQUEST_URI'']
        end
        a_session = SQLSession.new(
          :session_id => session.session_id,
          :url => @url,
          :created_at => Time.now
        )
        a_session.save
        session["sent_sessionid"] = true
        redirect_to "http://mckinley/authenticate?session_id=" + 
session.session_id and return
      else
        a_session = SQLSession.find(:first, :conditions =>
[''session_id
= ?'', session.session_id ])
        if a_session
          session["authenticated_user"] = a_session.username
          #mylog.debug "redirecting to url"
          #redirect_to a_session.url and return
          true
        else
          mylog.debug "sent_sessionid is false"
          true
        end
      end
    else
      # session["authenticated_user"] is already set
      mylog.debug "truth or dare!"
      true
    end   
  end
end

On Tue, 2006-04-25 at 13:29 +0200, Rob Balfour wrote:
> Alan Francis wrote:
> > Rob Balfour wrote:
> >> My authentication (signup/login) is up and running in my app, now
I need
> >> to implement an authorisation system.  Its not going to be a
complex
> >> one.  One admin (me) and then normal members and premium members. 
Any
> >> tutorials or tips on a simple way to get this running? Thanks.
> > 
> > See Chad Fowlers Rails Recipes for 2 or 3 different authentication 
> > options.
> > 
> > Available Now (!) from the Prags on PDF.
> > 
> > A.
> 
> Yeah I have that - his examples are hard to follow for a newbie like 
> myself.  He uses the console to give privileges and doesn''t expand
his
> example any further. I have tried the main one but it locks me out of 
> the app completely, so Im looking for a more simple method!
----
agreed.

I set up the basic authentication using the methodology in AWDWR. I then
switched it to use ruby::LDAP so users authenticate against my LDAP
backend but the rest of the ''User'' information comes from a
''users''
table.

Then I implemented the methodology from Chad''s Recipes which was a
bunch
of work because I hadn''t ever fooled with habtm before and that had its
own learning curve but I now have it all working. I found the lack of
view code examples in Chad''s recipe for Rights/Roles somewhat
disconcerting but it is surmountable.

Craig

For anyone else running into this the problem was Apache was not killing 
the Ruby.exe processes as it ought to.  There must have been forty stale 
Ruby processes and I was getting the old plug-in from one of them.  The 
solution was to either kill them all or reboot.

Charles

Charles Leeds wrote:
> I have been writing a Rails 1.1.2 plug-in that authenticates a user 
> using NTLM on an IIS server.  It all works great with Webrick.  Also 
> my logger writes work fine when running with Webrick.  When I switch 
> over to Apache/FastCGI on the same box the plug-in doesn''t behave
as I
> would expect and even more disturbing my logger statements aren''t 
> writing to the log file.  Either the Rails standard log or to the 
> custom mylog.log I created just to see if I needed to define my own.  
> I''m a bit stuck as to why the app logs just fine in Webrick and
not
> with Apache/FastCGI.
>
> Thanks,
>
> Charles Leeds
>
>
> module Authenticate
>  def authenticate
>    #mylog = Logger.new("#{RAILS_ROOT}/log/#{RAILS_ENV}")
>    mylog = Logger.new("#{RAILS_ROOT}/log/mylog.log")
>    mylog.info(''Application starting'')
>
>
>    mylog.debug "coming in with session: " + session.inspect
>          # We won''t bother if the user is already authenticated
>    unless session["authenticated_user"]
>      # Check to see if we have sent the session_id to the table yet
>      unless session["sent_sessionid"]
>        mylog.debug "sending session id"
>        @url = request.env[''REQUEST_URI'']
>        unless @url =~ /http/i
>          @url = ''http://'' +
request.env[''SERVER_NAME''] +
> request.env[''REQUEST_URI'']
>        end
>        a_session = SQLSession.new(
>          :session_id => session.session_id,
>          :url => @url,
>          :created_at => Time.now
>        )
>        a_session.save
>        session["sent_sessionid"] = true
>        redirect_to "http://mckinley/authenticate?session_id=" + 
> session.session_id and return
>      else
>        a_session = SQLSession.find(:first, :conditions =>
[''session_id
> = ?'', session.session_id ])
>        if a_session
>          session["authenticated_user"] = a_session.username
>          #mylog.debug "redirecting to url"
>          #redirect_to a_session.url and return
>          true
>        else
>          mylog.debug "sent_sessionid is false"
>          true
>        end
>      end
>    else
>      # session["authenticated_user"] is already set
>      mylog.debug "truth or dare!"
>      true
>    end    end
> end
>
> _______________________________________________
> Rails mailing list
> Rails@lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>
>
>