search for: wss4r

Hi everyone, I released WSS4R: http://www.rubyforge.org/projects/wss4r. WSS4R is a subset of a web service security standards implementation. It''s based on soap4r and tested with Microsoft .NET WSE 2.0 and Sun Java JWSDP 2.0. WSS4R supports username authentication, signing and encryption. It also has limited support...

Hi, Does anyone know how I can go about securing web services created from ActionWebService? The manual from rubyonrails.org (http://manuals.rubyonrails.com/read/book/10) doesn''t say anything at all on this ... or do I have to implement my own access control? -- Sau Sheong http://www.saush.com http://read.saush.com http://jaccal.sourceforge.net -------------- next part

Hi all, How do folks generally secure their Rails web services? A password in a config file? A ''webservice'' user in a ''Users'' table with its own password? LDAP authentication for every method? Only authenticate on the "important" methods? Something else I''m not thinking of? I''d like to be secure, yet practical, for the sake

Hi all, I''ve got a Rails app with a ApplicationController that looks like this: class ApplicationController < ActionController::Base before_filter :authorize, :except => :login def authorize unless session[:user] flash[:notice] = "Please log in" session[:jumpto] = request.parameters redirect_to :controller =>

I want to setup an api for my web app, but i had a few question on the best way to do this. I was hoping for some input from you experienced individuals and rails rock stars. 1) Is there a way to implement a login in feature so that api methods cant be called without proper authorization? This is so i can log activity and use of the api from different people and so -------------- next part

I need to restrict access to only certain parts of a web service I''m building. Instead of requiring a client to submit their user/pass with each interaction I''d like to login them in once (currently using acts_as_authenticated in the rest of the site) and not have to fuss with it again during that session. Only problem is I can''t use AAA on an ActionWebService