How to use SslRequirement plugin?

Joram · March 6, 2007, 4:51pm

Hi all,

I need to use the SslRequirement plugin for a login page.
The plugin is installed, the code is normally correct (comes straight
from AWWRoR)

class LoginController < ApplicationController
include SslRequirement

ssl_required :login

(yes, the login method is defined)

When trying to access the login page I get this in the log:

Processing LoginController#login (for 127.0.0.1 at 2007-03-06
16:44:56) [GET]
Session ID: ee439de1c66b2ec06185ac4e760c0be6
Parameters: {“action”=>“login”, “controller”=>“login”}
Redirected to https://localhost/nephrology
Filter chain halted as
[#<ActionController::Filters::ClassMethods::SymbolFilter:0x32678a4
@filter=:ensure_proper_protocol>] returned false.
Completed in 0.00010 (10000 reqs/sec) | DB: 0.00000 (0%) | 302 Found
[http://localhost/nephrology]

Anyway can help me out?

Joram · March 6, 2007, 6:15pm

On 3/6/07, Joram [email protected] wrote:

[#<ActionController::Filters::ClassMethods::SymbolFilter:0x32678a4
@filter=:ensure_proper_protocol>] returned false.
Completed in 0.00010 (10000 reqs/sec) | DB: 0.00000 (0%) | 302 Found
[http://localhost/nephrology]

Anyway can help me out?

That part is an expected response… it saw that you didn’t request
with
the right protocol, and redirected you to the proper page (thus the 302
status code… that means redirect). Is your browser not going there?
What
is the specific problem?

–
-Eric Price

“The greatest error in the history of searching for meaning is assuming
that
it is found outside one’s self.”

Joram · March 6, 2007, 8:51pm

On 3/6/07, Joram [email protected] wrote:

ssl_required :login
Filter chain halted as
[#<ActionController::Filters::ClassMethods::SymbolFilter:0x32678a4
@filter=:ensure_proper_protocol>] returned false.
Completed in 0.00010 (10000 reqs/sec) | DB: 0.00000 (0%) | 302 Found
[http://localhost/nephrology]

Anyway can help me out?

It’s doing exactly what it should - redirecting through https because
the original request was http. For testing purposes you might want to
override the ssl_required? method to not bother redirecting unless in
production.

def ssl_required?
  ((self.class.read_inheritable_attribute(:ssl_required_actions)

|| []).include?(action_name.to_sym)) && RAILS_ENV == ‘production’
end

Hope this helps.

–
Zack C.
http://depixelate.com

Joram · February 17, 2010, 4:09am

Joram wrote:

I read somewhere that I should run another instance of webrick, on a
https port, is this correct?

No. You need to run a separate web server to handle the SSL requests.
It will then forward all requests to your Webrick or Mongrel instances.
See Building
Web Apps for a pretty good tutorial.

Joram · March 6, 2007, 9:20pm

Thanks for the feedback, Eric and Zack.

It redirects correct, the url is going to the https:/localhost/
(notice no port!)
But then an error number is returned (-122…).

I read somewhere that I should run another instance of webrick, on a
https port, is this correct?