From: "Iñaki Baz Castillo" <ibc@aliax.net>
To: rack-devel@googlegroups.com
Subject: Re: How to use Rack::Auth::Digest::MD5
Date: Mon, 19 Oct 2009 14:07:02 +0200 [thread overview]
Message-ID: <200910191407.03030.ibc@aliax.net> (raw)
In-Reply-To: <200910191354.00488.ibc@aliax.net>
El Lunes, 19 de Octubre de 2009, Iñaki Baz Castillo escribió:
> El Lunes, 19 de Octubre de 2009, Magnus Holm escribió:
> > What about something like this?
> >
> > app = lambda do |env|
> > [200, { 'Content-Type' => "text/html" }, ['Logged in!']]
> > end
> >
> > app = Rack::Digest::MD5.new(app) do |username, password|
> > username == "foo" && password == "bar"
> > end
> >
> > run app
>
> Thanks, but what about if I just want to ask for authentication depending
> on the URL?
> For example:
>
> I require authentication if the URL is:
> http://domain.org/service1/users/alice@domain.org/index.xml
>
> But I don't require authentication if the URL is:
> http://domain.org/service1/global/index.xml
>
> Also, there are cases in which I require Digest authentication if method is
> PUT but not for GET.
Also, I don't know which user, password and *realm* I must use to generate the
401 until I inspect the request. This is, in my previous example:
http://domain.org/service1/users/alice@domain.org/index.xml
The 401 should contain a "WWW-Authenticate" header with fields:
- realm = domain.org
- username = alice
An the password (hassed ha1) would be retrieved from a DB.
Is it possible?
--
Iñaki Baz Castillo <ibc@aliax.net>
next prev parent reply other threads:[~2009-10-19 12:07 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-10-16 18:33 How to use Rack::Auth::Digest::MD5 Iñaki Baz Castillo
2009-10-18 20:32 ` Iñaki Baz Castillo
2009-10-19 11:33 ` Magnus Holm
2009-10-19 11:54 ` Iñaki Baz Castillo
2009-10-19 12:07 ` Iñaki Baz Castillo [this message]
2009-12-18 14:52 ` Genta IHA
2009-12-18 18:09 ` Iñaki Baz Castillo
2009-12-18 18:41 ` Iñaki Baz Castillo
2009-12-18 19:19 ` Iñaki Baz Castillo
2009-12-18 19:21 ` Iñaki Baz Castillo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://groups.google.com/group/rack-devel
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200910191407.03030.ibc@aliax.net \
--to=rack-devel@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).