Hi,
I’m using the http_authentication plugin, and everything’s working
fine in my development environment with webrick. However, when I run
on my production platform of apache2+mod_fcgid,
authenticate_or_request_with_http_basic() always returns false, and
(more interestingly) never processes the block. See example below.
Here’s my setup:
- apache 2.0.55
- libapache2-mod-fcgid 1.07-1
- ruby 1.8.2-1
- libfcgi-ruby1.8 0.8.6-1
- rails 1.2.3
- http_authentication r6836 from
http://svn.rubyonrails.org/rails/plugins
(hasn’t changed since 2006-12-02?)
For an example, in the following test code, the second debug message
(with username and password) is never reached.
class FooController < ApplicationController
before_filter :test_auth
def test_auth
logger.info “test_auth: debug about to authenticate”
authenticate_or_request_with_http_basic do |username, pass|
logger.info “test_auth: debug #{username}, #{pass}”
true
end
end
def index
end
end
When the above test code runs in webrick, all is well. Running in
apache2 + mod_fcgid, the following happens:
- message appears in the log:
Processing FooController#index (for 127.0.0.1 at 2007-05-25 15:32:05)
[GET]
Session ID: b633470f7d331ae1603204f5b879ece3
Parameters: {“action”=>“index”, “controller”=>“foo”}
test_auth: debug about to authenticate
Filter chain halted as
[#<ActionController::Filters::ClassMethods::SymbolFilter:0xb755ac18
@filter=:test_auth>] returned false.
Completed in 0.00040 (2487 reqs/sec) | Rendering: 0.00007 (17%) | 401
Unauthorized [http://scmodstest/foo/index]
-
user is prompted by user agent (browser) for name and password.
-
message appears in the log:
Processing FooController#index (for 127.0.0.1 at 2007-05-25 15:32:12)
[GET]
Session ID: b633470f7d331ae1603204f5b879ece3
Parameters: {“action”=>“index”, “controller”=>“foo”}
test_auth: debug about to authenticate
Filter chain halted as
[#<ActionController::Filters::ClassMethods::SymbolFilter:0xb74aee90
@filter=:test_auth>] returned false.
Completed in 0.00036 (2816 reqs/sec) | Rendering: 0.00007 (19%) | 401
Unauthorized [http://scmodstest/foo/index]
- lather, rinse, repeat.
Does anybody have any idea what’s going on here? Has anyone else had
similar problems in a similar environment? How about success in a
similar environment?
-mike