hi rick, thanks for the help, read the sites with great interest! for my project, we won't need authorization, basic (but strong, i.e., bcrypt strong) authentication will do. do you use either of these tools?
- Clearance - restful-authentication - Authlogic I can't figure out which to use/try first by reading the resp. docs. cheers, phibo On Sep 15, 1:43 pm, Rick <[email protected]> wrote: > Here are my favorite two summary discussions along with a pointer to a > general security site. For my work the distinction between > authentication and authorization (user name and user role) is > important. I use a combination of plugins and gems to fill my needs > since I feel site security is one area of coding that clearly benefits > from a large user base. > > http://wiki.rubyonrails.org/howtos/authentication-authorizationhttp://www.vaporbase.com/postings/Authorization_in_Railshttp://www.rorsecurity.info/ > > On Sep 15, 6:25 am, phibo <[email protected]> wrote: > > > > > Being a rails newbie, I started to design our first rails-based > > webapp. This app should not only be used via browsers, but we also > > want to provide a (RESTful) api. I love the 'convention over > > configuration' paradigm, but am totally clueless on what to do when it > > comes to user authentication. Is there a THE rails-way of doing this? > > > I found many excellent gems and plugins, such as AAA or thoughtbot's > > clearance. However, I keep asking myself, why not just use HTTP > > (digest) authentication? I may be missing something, but why do big > > players such as Facebook implement their own (token- and secret-based) > > scheme? > > > What are you guys using? What is your favorite gem/plugin for user > > auth? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
