On 12/18/05, Chris Anderson <[EMAIL PROTECTED]> wrote: > I'm trying to build an asset server that allows or denies access to > certain files on a per-user basis. Rails is going to be the expert on > these users and what they are allowed, but the idea of having the ruby > process actually serve the files seems like a big drain on resources. > Is there a way I can have lighthttpd ask Ruby to authenticate > particular requests (hopefully based on the session cookie), and based > on the results of the authentication, serve a particular file? Ie, > instead of responding with a 403, have it serve a file explaining why > access was denied.
I'm not sure if this will really work -- lighttpd is reputed to support FastCGI authentication servers, so you could have a Ruby process do the auth check, but you're probably going to be stuck with a 403 message if it fails. > I guess I'm wanting the best of both worlds - a file-serving process > (lighthttpd) to handle moving lots of bits fast, without troubling the > processor too much, coupled with smart access control and logging from > Ruby. Maybe there's a best way to do this? I'm thinking about looking > over the ActionCache source for ideas... hmm... it seems to use > IO.read, which is not the "bypass Ruby to output the file" method I > was hoping for. Honestly, this kind of close coupling between your static content server and application is exactly the reason that mod_ruby (and mod_perl, mod_python, etc.) exist -- with the Apache extension API, you can plug into any stage of the HTTP transaction. If you're not averse to learning a bit about the Apache module internals, you could probably hack up a mod_ruby based extension that would do this cleanly. Good luck, Lennon _______________________________________________ PDXRuby mailing list [email protected] IRC: #pdx.rb on irc.freenode.net http://lists.pdxruby.org/mailman/listinfo/pdxruby
