Forum: Ruby on Rails Authentication/authorization resources?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Christopher J. Mackie (Guest)
on 2005-12-27 22:09
(Received via mailing list)
I've been lurking on the list for a few weeks now, as well as working
through the Agile book and the Wiki, and I've run across several
detailed discussions about authentication/authorization (A/A: includes
login, permissions, ACLs, etc., etc.).  I've been particularly struck by
the apparent consensus that it's impossible to design a general-purpose
A/A plug-in for Rails or web apps more generally. That's bad news, as I
would love to benefit from the work of somebody smarter and
better-educated about A/A and Rails than I am :-)

I have to work up an A/A strategy for a new web app project, and I'm
wondering if people have any suggestions for higher-level tutorial
resources on A/A?  What I have in mind is not one more plug-in or a
ruby/rails code tutorial, but a more conceptual discussion of how to
think about A/A needs and tradeoffs when designing a site, design
patterns that work for particular domains of A/A problems, and what to
think about when designing a web-app permissions system for scalability,
extensibility, performance, etc.

Anyone got favorite books, articles, other resources that they can
recommend?

tia,  --CJ
This topic is locked and can not be replied to.