ActiveRBAC 0.2 Released
I’m happy to announce the release of ActiveRBAC 0.2. ActiveRBAC is a
authentication and permission management library for Ruby On Rails.
ActiveRBAC is aiming to become the “standard” authentication and
authorization layer for RoR so that Engines (“Components” called
outside of RoR) can become really interchangeable since they use the
same user/permission schema.
Grab your copy now from
If you want to learn more about ActiveRBAC, visit:
 and  might be unavailable from 7pm-8pm PST today because of
There is a mailing list for this project at:
Feel free to post questions, suggestions and errors there. You can
find a Trac instance for bug reporting at 
Changes from 0.1 to 0.2
- ActiveRBAC supports RoR 0.14.x now (and should thus support 1.0)
- The verify_block macro has been removed. Use a before_filter
instead. The minicms-roles and minicms-permissions contain examples
- ActiveRBAC can now be configured using config/
active_rbac_configuration.rb. This configuration file is loaded on
every request in developer modes so changes are instant.
- The rbac_railfix file has been moved to a plugin where mixins belong.
- The user schema adds a “password_salt” field and passwords are
salted now. This breaks compatibility with data from 0.1 since
passwords are hashed in an incompatible way (hash(password + salt)
instead hash(password)). We suggest you to notify your customers (if
you are using 0.1 in production already) per email. Resetting their
password is no problem with ActiveRBAC’s interface.
- The idiosyncratic differentiation of actions (e.g.
“confirm”-“acknowledge”) has been removed in RegistrationController
and LoginControlle. Actions are considered the same now and "confirm
- GET" is old “confirm” and “confirm + POST” is “old aknowlegde”.
- Added some HOWTOs, general documentation update.
- Added “permissions” derivation of “minicms” to demonstrate the
usage of permissions.
- Moving User::STATES to User.states (constant => method) so it can
be overridden easier.
“Rails Engines” is striving for world domination and ActiveRBAC will
join this project’s course We will soon convert ActiveRBAC into an
Engine and thus make using and customizing it easier.
We want to make the system useable in a multilangual environment.
Thus we will incorporate i18n and l10n (fuzzy buzzwords - but still!)
We will also add caching and improve the ARBAC’s performance in a