Howto stop rails grabbing the auth for another app in subdir

Hi,

I have rails running with the rails goldberg content management system
which is doing some user authentication etc. I also have OSCommerce
running. My public_html is a symbolic link to my rails app directory.
OSCommerce is installed in /public_html/osc and this works fine.
However the admin pages for OSCommerce are located at
/public_html/osc/admin and are restricted using .htaccess and BasicAuth.

My problem is that when I try to access the admin for osc, the authorize
is getting picked up by rails and rails shows a 404 not found. If I
stop rails then the osc admin authentication works. I fairly sure that
rails is grabbing the 403 authorize and therefore breaking osc for me.

How can I stop rails from grabbing the 403 authorize for this
application.

I have experimented with restricting the directory in the .htaccess file
in my rails app directory, but whilst this allows me to get access to
the /osc pages it doesn’t work for the /osc/admin pages as it is the 403
authorize request that gets grabbed, not the request for the initial
page.

So far the only way I have managed to get around this is to stop the
Basic Auth in the .htaccess file in /osc/admin and replace it with an ip
allow to allow a specific ip address access only and hence not requiring
Basic Auth, but this is not ideal as I am not on a static IP and need to
keep SSH’ing in and changing the IP Address in the .htaccess file.

Any help would be greatly appreciated.

Cheers,

G.

Hi Graham,

Wow, you’re courageous to try running a PHP framework within Rails!

I don’t know if this will help, but you might like to look at
RAILS_ROOT/public/.htaccess. That’s where Rails rewrites all requests
to be handled by dispatch.cgi (or dispatch.fcgi depending on your
configuration). Check the Apache documentation: there may be a way of
configuring those RewriteRule’s so that the directory where OSCommerce
lives isn’t routed to Rails.

Regards,
Dave

urbanus wrote:

Hi Graham,

Wow, you’re courageous to try running a PHP framework within Rails!

I don’t know if this will help, but you might like to look at
RAILS_ROOT/public/.htaccess. That’s where Rails rewrites all requests
to be handled by dispatch.cgi (or dispatch.fcgi depending on your
configuration). Check the Apache documentation: there may be a way of
configuring those RewriteRule’s so that the directory where OSCommerce
lives isn’t routed to Rails.

Regards,
Dave

Hi Dave,

Thanks for the info. I have done this but whilst it stops the directory
being routed by rails, rails still routes the 403 Authorise that is
initiated by the .htaccess file in the OScommerce osc/admin directory.
I need the .htaccess in that directory in order to secure the admin
directory. It is the 403 authorize that rails grabs despite leaving
alone all other requests for that directory.

If you have any ideas as to how I can stop this happening I’d really
appreciate your help. It’s not so much that I want to run php in rails,
it’s more a case of I need an e-commerce solution and I have written my
website using rails as I have also used a rails content management
system. So I just need my rails apps to co-exist with the OSCommerce
app on the same hosting space.

I suppose I could run a different e-commerce app, but I’m not sure there
is an e-commerce solution for rails?

Regards,

G