[英]Rails 2.x http basic authentication
我正在尝试在Rails应用程序上使用基本的HTTP身份验证。 我提供了一个由Rails服务器提供的简单REST接口,仅xml / json输出。
每个方法都需要身份验证,因此我将身份验证过滤器放在ApplicationController中:
class ApplicationController < ActionController::Base
helper :all # include all helpers, all the time
before_filter :authenticate
protected
def authenticate
authenticate_or_request_with_http_basic do |u, p|
true
end
end
end
即使方法返回true,我仍从服务器收到401:
$ curl http://127.0.0.1:3000/myresource/1.xml -i
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
WWW-Authenticate: Basic realm="Application"
X-Runtime: 1
Content-Type: text/html; charset=utf-8
Content-Length: 27
Server: WEBrick/1.3.1 (Ruby/1.9.1/2010-01-10)
Date: Thu, 03 Jun 2010 02:43:55 GMT
Connection: Keep-Alive
HTTP Basic: Access denied.
如果我明确地返回true,但仍得到401。
您必须指定一个登录名/密码对,即使您不检查它们
curl http://127.0.0.1:3000/myresource/1.xml -i -u username:password
如果要显示XML请求的错误消息,可以编写自己的before_filter :
class ApplicationController < ApplicationController::Base
before_filter :authenticate
def authenticate
authentication_procedure = lambda do |username, password|
# test username and password
end
authenticate_with_http_basic(&authentication_procedure) ||
request_http_basic_authentication_or_show_xml_error(&authentication_procedure)
end
def request_http_basic_authentication_or_show_xml_error(&auth_proc)
if request.format == Mime::XML
render :action => '/errors/401'
else
request_http_basic_authentication('My Realm')
end
end
end
然后将一些东西放入app/views/errors/401.xml.builder 。
Rails 2.x通过HTTP基本身份验证提供有意义的错误消息
[英]Rails 2.x provide meaningful error message with http basic authentication
Rails 3 - 基本的http身份验证与使用iphone的身份验证令牌
[英]Rails 3 - basic http authentication vs authentication token with iphone
使用Devise将HTTP基本身份验证添加到Rails时发生内部服务器错误
[英]Internal server error when adding HTTP Basic Authentication to rails with Devise
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.