RESTful Authentication for external clients

Hi All,

I have created a RESTful web api and it works fine. I have manage to use
RESTFul authentication also.

My problem is, how can i implement authentication for external clients.

Ex : If my Web service is consumed by a desktop application, how will i
be able to implement authentication. ?!!

Is there any standard way or how can i get this done
Please advice me

thankx in advance

cheers
sameera

Hi Sameera,

That should work out of the box. In the simplest case, use a
before_filter :login_required ( this is described in lib/
authenticated_system.rb) to restrict access to any set of controller
actions, and use HTTP basic authentication from the remote end
(requesting .xml, .json, etc). If you look in lib/
authenticated_system.rb this is tried after login_by_session and
login_by_cookie for any page request that expects a current_user. If
you’d like to know more on HTTP basic auth there’s an excellent
(natch) railscast here: #82 HTTP Basic Authentication - RailsCasts and I’m sure
google will have one or two links for you.

One thing to watch out for: if you use any kind of activation/email
validation/etc the current version of restful_authentication doesn’t
check that the user is active, only that their password
authenticates. I’ve handled that by routing all non-session logins
through a single become_logged_in_as! method; it raises an exception
if the user isn’t authorized to login.

Cheers,
flip

On May 28, 2:17 am, Sameera G. [email protected]