Forum: Ruby on Rails Authorisation question

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Rob B. (Guest)
on 2006-04-25 15:17
My authentication (signup/login) is up and running in my app, now I need
to implement an authorisation system.  Its not going to be a complex
one.  One admin (me) and then normal members and premium members.  Any
tutorials or tips on a simple way to get this running? Thanks.
Alan F. (Guest)
on 2006-04-25 15:20
Rob B. wrote:
> My authentication (signup/login) is up and running in my app, now I need
> to implement an authorisation system.  Its not going to be a complex
> one.  One admin (me) and then normal members and premium members.  Any
> tutorials or tips on a simple way to get this running? Thanks.

See Chad F.s Rails Recipes for 2 or 3 different authentication
options.

Available Now (!) from the Prags on PDF.

A.
Rob B. (Guest)
on 2006-04-25 15:29
Alan F. wrote:
> Rob B. wrote:
>> My authentication (signup/login) is up and running in my app, now I need
>> to implement an authorisation system.  Its not going to be a complex
>> one.  One admin (me) and then normal members and premium members.  Any
>> tutorials or tips on a simple way to get this running? Thanks.
>
> See Chad F.s Rails Recipes for 2 or 3 different authentication
> options.
>
> Available Now (!) from the Prags on PDF.
>
> A.

Yeah I have that - his examples are hard to follow for a newbie like
myself.  He uses the console to give privileges and doesn't expand his
example any further. I have tried the main one but it locks me out of
the app completely, so Im looking for a more simple method!
Charles L. (Guest)
on 2006-04-25 16:12
(Received via mailing list)
I have been writing a Rails 1.1.2 plug-in that authenticates a user
using NTLM on an IIS server.  It all works great with Webrick.  Also my
logger writes work fine when running with Webrick.  When I switch over
to Apache/FastCGI on the same box the plug-in doesn't behave as I would
expect and even more disturbing my logger statements aren't writing to
the log file.  Either the Rails standard log or to the custom mylog.log
I created just to see if I needed to define my own.  I'm a bit stuck as
to why the app logs just fine in Webrick and not with Apache/FastCGI.

Thanks,

Charles L.


module Authenticate
  def authenticate
    #mylog = Logger.new("#{RAILS_ROOT}/log/#{RAILS_ENV}")
    mylog = Logger.new("#{RAILS_ROOT}/log/mylog.log")
    mylog.info('Application starting')


    mylog.debug "coming in with session: " + session.inspect



    # We won't bother if the user is already authenticated
    unless session["authenticated_user"]
      # Check to see if we have sent the session_id to the table yet
      unless session["sent_sessionid"]
        mylog.debug "sending session id"
        @url = request.env['REQUEST_URI']
        unless @url =~ /http/i
          @url = 'http://' + request.env['SERVER_NAME'] +
request.env['REQUEST_URI']
        end
        a_session = SQLSession.new(
          :session_id => session.session_id,
          :url => @url,
          :created_at => Time.now
        )
        a_session.save
        session["sent_sessionid"] = true
        redirect_to "http://mckinley/authenticate?session_id=" +
session.session_id and return
      else
        a_session = SQLSession.find(:first, :conditions => ['session_id
= ?', session.session_id ])
        if a_session
          session["authenticated_user"] = a_session.username
          #mylog.debug "redirecting to url"
          #redirect_to a_session.url and return
          true
        else
          mylog.debug "sent_sessionid is false"
          true
        end
      end
    else
      # session["authenticated_user"] is already set
      mylog.debug "truth or dare!"
      true
    end
  end
end
Craig W. (Guest)
on 2006-04-25 17:36
(Received via mailing list)
On Tue, 2006-04-25 at 13:29 +0200, Rob B. wrote:
> > Available Now (!) from the Prags on PDF.
> >
> > A.
>
> Yeah I have that - his examples are hard to follow for a newbie like
> myself.  He uses the console to give privileges and doesn't expand his
> example any further. I have tried the main one but it locks me out of
> the app completely, so Im looking for a more simple method!
----
agreed.

I set up the basic authentication using the methodology in AWDWR. I then
switched it to use ruby::LDAP so users authenticate against my LDAP
backend but the rest of the 'User' information comes from a 'users'
table.

Then I implemented the methodology from Chad's Recipes which was a bunch
of work because I hadn't ever fooled with habtm before and that had its
own learning curve but I now have it all working. I found the lack of
view code examples in Chad's recipe for Rights/Roles somewhat
disconcerting but it is surmountable.

Craig
Charles L. (Guest)
on 2006-04-25 17:58
(Received via mailing list)
For anyone else running into this the problem was Apache was not killing
the Ruby.exe processes as it ought to.  There must have been forty stale
Ruby processes and I was getting the old plug-in from one of them.  The
solution was to either kill them all or reboot.

Charles
This topic is locked and can not be replied to.