Dear all, How do we secure URL with rails? So only authenticated and authorized users allowed to view certain URL. Is there any configuration that I must set for this? Many thanks --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Joshua Jackson wrote:> Dear all, > > How do we secure URL with rails? So only authenticated and authorized > users allowed to view certain URL. Is there any configuration that I > must set for this? > > Many thanksWell i guess its not the url but the method which needs to be secured..say suppose the edit page which is accessible only to the admin so in the method u can define that the logged in user should be admin..and thats how u can put restriction on the user to access that particular path / url Hope this helps Thanks Dhaval Parikh Software Engineer Ruby on Rails www.railshouse.com sales(AT)railshouse(DOT)com -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Dhaval''s right. small addition to his reply: if you wanna secure a whole part of your url (speak yoururl/admin/* for example) it''s probably the best to put "before_filter :validate_login" and the implementation of your validate_login-method either into a specific-controller to secure this part of your webapp (i.e. admin_controller.rb), or into the application_controller.rb to secure your whole app. That way Rails is always calling your validate_login-method before calling the actual action. Hope this works! Good luck! Simon On Jun 24, 1:35 pm, Dhaval Parikh <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> Joshua Jackson wrote: > > Dear all, > > > How do we secure URL with rails? So only authenticated and authorized > > users allowed to view certain URL. Is there any configuration that I > > must set for this? > > > Many thanks > > Well i guess its not the url but the method which needs to be > secured..say suppose the edit page which is accessible only to the admin > so in the method u can define that the logged in user should be > admin..and thats how u can put restriction on the user to access that > particular path / url > > Hope this helps > > Thanks > > Dhaval Parikh > Software Engineer > Ruby on Railswww.railshouse.com > sales(AT)railshouse(DOT)com > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Hi guys, First of all thanks very much for the response. But since I have no experience with Rails yet, could anyone give me a sample code? Also I''ve heard about restful_authentification are able to do this? Does anyone know where can I get it? I''ve used gem but ended with no luck. Many thanks, On Jun 24, 8:50 pm, smn <simon.baumgartne...-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org> wrote:> Dhaval''s right. small addition to his reply: > > if you wanna secure a whole part of your url (speak yoururl/admin/* > for example) it''s probably the best to put > > "before_filter :validate_login" and the implementation of your > validate_login-method > > either into a specific-controller to secure this part of your webapp > (i.e. admin_controller.rb), > or into the application_controller.rb to secure your whole app. > > That way Rails is always calling your validate_login-method before > calling the actual action. > > Hope this works! > > Good luck! Simon > > On Jun 24, 1:35 pm, Dhaval Parikh <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> > wrote: > > > Joshua Jackson wrote: > > > Dear all, > > > > How do we secure URL with rails? So only authenticated and authorized > > > users allowed to view certain URL. Is there any configuration that I > > > must set for this? > > > > Many thanks > > > Well i guess its not the url but the method which needs to be > > secured..say suppose the edit page which is accessible only to the admin > > so in the method u can define that the logged in user should be > > admin..and thats how u can put restriction on the user to access that > > particular path / url > > > Hope this helps > > > Thanks > > > Dhaval Parikh > > Software Engineer > > Ruby on Railswww.railshouse.com > > sales(AT)railshouse(DOT)com > > -- > > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Joshua, There are plugin available that make this very easy to accomplish. My personal favorite, and the one I use for all my projects is restful_authentication. http://agilewebdevelopment.com/plugins/restful_authentication Very easy to get started using this plugin and will give you the functionality that you''re looking for. Begin by reading the README included with the plugin. Then take a look at the files that get added to your ./lib directory of your project for more details. On Jun 24, 10:31 am, Joshua Jackson <joshua.j...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Hi guys, > > First of all thanks very much for the response. But since I have no > experience with Rails yet, could anyone give me a sample code? Also > I''ve heard about restful_authentification are able to do this? Does > anyone know where can I get it? I''ve used gem but ended with no luck. > > Many thanks, > > On Jun 24, 8:50 pm, smn <simon.baumgartne...-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org> wrote: > > > Dhaval''s right. small addition to his reply: > > > if you wanna secure a whole part of your url (speak yoururl/admin/* > > for example) it''s probably the best to put > > > "before_filter :validate_login" and the implementation of your > > validate_login-method > > > either into a specific-controller to secure this part of your webapp > > (i.e. admin_controller.rb), > > or into the application_controller.rb to secure your whole app. > > > That way Rails is always calling your validate_login-method before > > calling the actual action. > > > Hope this works! > > > Good luck! Simon > > > On Jun 24, 1:35 pm, Dhaval Parikh <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> > > wrote: > > > > Joshua Jackson wrote: > > > > Dear all, > > > > > How do we secure URL with rails? So only authenticated and authorized > > > > users allowed to view certain URL. Is there any configuration that I > > > > must set for this? > > > > > Many thanks > > > > Well i guess its not the url but the method which needs to be > > > secured..say suppose the edit page which is accessible only to the admin > > > so in the method u can define that the logged in user should be > > > admin..and thats how u can put restriction on the user to access that > > > particular path / url > > > > Hope this helps > > > > Thanks > > > > Dhaval Parikh > > > Software Engineer > > > Ruby on Railswww.railshouse.com > > > sales(AT)railshouse(DOT)com > > > -- > > > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---