Forum: Ruby on Rails HTTP Digest Authentication not working

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Ae2e636871f0382a09781ffdc5c014d9?d=identicon&s=25 javinto (Guest)
on 2009-04-09 11:05
(Received via mailing list)
Hi to all,

I've created a new project with Rails 2.3.2 and literally copied the
HTTP Digest Authententication example from the documentation into a
SecretsController:

class SecretsController < ApplicationController

  Users = {"dhh" => "secret"}
  before_filter :authenticate

  def secret
    render :text => "Password Required!"
  end

  private
  def authenticate
    realm = "Application"
    authenticate_or_request_with_http_digest(realm) do |name|
      Users[name]
    end
  end
end

Now, I do get the HTTP authentication dialog in my browser(s), but
entering any name will let me pass!! Only on Escape I get the
unauthorized page. But wrong names or passwords will let me through!

In my log file I get:

Processing SecretsController#index (for 127.0.0.1 at 2009-04-09
10:44:32) [GET]
Filter chain halted as [:authenticate] rendered_or_redirected.
Completed in 16ms (View: 16, DB: 0) | 401 Unauthorized [http://
localhost/secrets]
   [4;36;1mSQL (0.0ms) [0m    [0;1mSET NAMES 'utf8' [0m
   [4;35;1mSQL (0.0ms) [0m    [0mSET SQL_AUTO_IS_NULL=0 [0m

Processing SecretsController#index (for 127.0.0.1 at 2009-04-09
10:44:35) [GET]
Rendering template within layouts/secrets
Rendering secrets/index
Completed in 811ms (View: 811, DB: 0) | 200 OK [http://localhost/
secrets]
host/secrets]
   [4;36;1mSQL (0.0ms) [0m    [0;1mSET NAMES 'utf8' [0m
   [4;35;1mSQL (0.0ms) [0m    [0mSET SQL_AUTO_IS_NULL=0 [0m

What is missing? Something in my routes?

I've tried this with IE/Safari/Firefox on Vista and XP.
I'm running on localhost with a XAMPP installation. Should I configure
something?

Thanks

Jan
This topic is locked and can not be replied to.