Whitch of the authentication methodes to choose?

Hi List!

I was searching the web for a HowTo about authatication or session
handling in rails.
Finally I found http://wiki.rubyonrails.com/rails/pages/Authentication
and read:

“This article is part of the confusing world of Authentication in
Rails. Feel free to get lost in a gazillion of nearly useless and/or
outdated Wikipages.”

Hmm, that’s funny, but reading more I found out there are two or three
methods whitch seem to be not as bad as announced. I’m talking about
“Acts_as_authenticated”, “SaltedHashLoginGenerator” or

But now, which to choose?

What I need is a secure authetication method. But what of them is
still secure, or which is outdated or whatever? What are you using, or
suggesting to me? Are there other alternatives?

Thank you all!


The “gazillion” nearly useless pages probably is referring to the
gazillion different generators and plugins that have been written,
some of which are no longer supported by their authors.
Authentication is such a common case, you would think it a perfect
match for a plugin, but my experience is that users tend to be tied
not just with authentication but also with other aspects of the
application. This can lead to unexpected results when you log someone
in with your fine plugin, then expect that user to has_many :posts or
something like that.

I hope this explains a bit about why so many pages and methods exist
for authentication.

On Jun 12, 2007, at 4:10 AM, Spitfire wrote:

outdated Wikipages."
suggesting to me? Are there other alternatives?

Thank you all!


Steve R.
[email protected]