HTTP Digest Authentication not working


#1

Hi to all,

I’ve created a new project with Rails 2.3.2 and literally copied the
HTTP Digest Authententication example from the documentation into a
SecretsController:

class SecretsController < ApplicationController

Users = {“dhh” => “secret”}
before_filter :authenticate

def secret
render :text => “Password Required!”
end

private
def authenticate
realm = “Application”
authenticate_or_request_with_http_digest(realm) do |name|
Users[name]
end
end
end

Now, I do get the HTTP authentication dialog in my browser(s), but
entering any name will let me pass!! Only on Escape I get the
unauthorized page. But wrong names or passwords will let me through!

In my log file I get:

Processing SecretsController#index (for 127.0.0.1 at 2009-04-09
10:44:32) [GET]
Filter chain halted as [:authenticate] rendered_or_redirected.
Completed in 16ms (View: 16, DB: 0) | 401 Unauthorized [http://
localhost/secrets]
[4;36;1mSQL (0.0ms) [0m [0;1mSET NAMES ‘utf8’ [0m
[4;35;1mSQL (0.0ms) [0m [0mSET SQL_AUTO_IS_NULL=0 [0m

Processing SecretsController#index (for 127.0.0.1 at 2009-04-09
10:44:35) [GET]
Rendering template within layouts/secrets
Rendering secrets/index
Completed in 811ms (View: 811, DB: 0) | 200 OK [http://localhost/
secrets]
host/secrets]
[4;36;1mSQL (0.0ms) [0m [0;1mSET NAMES ‘utf8’ [0m
[4;35;1mSQL (0.0ms) [0m [0mSET SQL_AUTO_IS_NULL=0 [0m

What is missing? Something in my routes?

I’ve tried this with IE/Safari/Firefox on Vista and XP.
I’m running on localhost with a XAMPP installation. Should I configure
something?

Thanks

Jan