Plugins - HTPasswd

StarAdd to favorites

This plugin allows controllers to use HTTP Basic and Digest access authentication. You can specify user passwords like this.

  • inline plain password
  • inline crypted password
  • external password file

Syntax

  htpasswd *options*
  htdigest *options*

Options

  • user : user name # default: nil
  • pass : password (format depends on :type) # default: nil
  • type : one of ( :plain | :crypted ) # default: :plain
  • file : external file path # default: nil
  • realm : realm value # default: "Authorization"
  • scheme : auth scheme # default: automatically set by method name

Usage

(1) Basic Access Authentication

class AdminController < ApplicationController 

  htpasswd :user=>"maiha", :pass=>"berryz"
  htpasswd :user=>"maiha", :pass=>"7Et1Y7tCawx32", :type=>:crypted
  htpasswd :user=>"maiha", :pass=>"berryz", :realm=>"Member Only"
  htpasswd :file=>"/usr/local/apache/passwd/.htpasswd"

end

(2) Digest Access Authentication

class AdminController < ApplicationController 

  htdigest :user=>"maiha", :pass=>"berryz"
  htdigest :user=>"maiha", :pass=>"812b1d067e9ce1e44f09215339e3cd69", :type=>:crypted
  htdigest :file=>"/usr/local/apache/passwd/.htdigest"

end

(3) Multiple Access Authentications

class AdminController < ApplicationController 

  htpasswd :user=>"maiha", :pass=>"berryz"
  htdigest :user=>"airi" , :pass=>"cute"

end

Although user ‘maiha’ is authorized by Basic auth, user ‘airi’ is authorized by Digest auth in this case. And this controller returns Digest one as a 401 response because it is strongest auth-scheme in above schemes.

(0) Creating a htdigest file

>> Htpasswd::Auths::Digest.new(:user=>"maiha", :pass=>"berryz").entry

> "maiha:Authorization:812b1d067e9ce1e44f09215339e3cd69"

This acts same as following unix command.

% htdigest -c filename maiha

Restrictions

  • ‘realm’ value should not contain any commas and semicolons.

Test

Just type.

% ruby vendor/plugins/htpasswd/test/htpasswd_test.rb % ruby vendor/plugins/htpasswd/test/htdigest_test.rb

Author

The original author is Kawamura. Composed by Maiha

http://habtm.com/articles/2006/05/28/htpasswd-plugin

http://wota.jp/svn/rails/plugins/branches/stable/htpasswd

  • Currently 3.0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Security

Tags

Comments

Add a comment
sooli 20 Oct 2006

ok i've used htdigest ... it seems to be incompatible with optional argument and ask for a new login/password

htpasswd work's fine with optional argument!

sooli 20 Oct 2006

I have a trouble with arguments in my urls. when i have optional argument like http://mywebserver/mycontroller/myaction?my_argument=1 rails ask me a new auth. Nothing work.

Whith http://mywebserver/mycontroller/myaction all is ok.

Search Plugins

Query syntax

Plugins by Category

Sponsors

Rails Kits: Get Code. Get Moving.
Recruiting software

Have a comment?