I'm trying to build an asset server that allows or denies access to certain files on a per-user basis. Rails is going to be the expert on these users and what they are allowed, but the idea of having the ruby process actually serve the files seems like a big drain on resources. Is there a way I can have lighthttpd ask Ruby to authenticate particular requests (hopefully based on the session cookie), and based on the results of the authentication, serve a particular file? Ie, instead of responding with a 403, have it serve a file explaining why access was denied.
I guess I'm wanting the best of both worlds - a file-serving process (lighthttpd) to handle moving lots of bits fast, without troubling the processor too much, coupled with smart access control and logging from Ruby. Maybe there's a best way to do this? I'm thinking about looking over the ActionCache source for ideas... hmm... it seems to use IO.read, which is not the "bypass Ruby to output the file" method I was hoping for. Thanks for any hints! -- Chris Anderson http://musicfordozens.com/jchris _______________________________________________ PDXRuby mailing list [email protected] IRC: #pdx.rb on irc.freenode.net http://lists.pdxruby.org/mailman/listinfo/pdxruby
