Hi,
Just wondering what the most popular approach is for authentication and
authorisation in a rails application that is deployed and fronted by
apache? Also when there are say a couple of rails apps being hosted.
Authentication
[1] Options would seem to include:
- Do it within rails/your app? Use of a “before_filter” per the Rails
Recipes book - Use of Apache to authenticator & define users? (I’m just assuming
this is an option).
[2] Also if you wanted to have users use multiple deployed rails apps on
the same hosted site what mechanism is the most popular to leverage this
(i.e. a standalone rails user management web app, use of apache etc?)
Authorisation
[3] I assume this would need to be implemented in the ruby app but
either:
a) do it separately in each app (i.e. re-implement each time) OR
b) have a common user/role table that each deployed rails app hooks into
- in this case whats the best mechanism to extract/abstract the code out
of each rails application?
Cheers