From mboxrd@z Thu Jan 1 00:00:00 1970 Delivered-To: chneukirchen@gmail.com Received: by 10.140.199.13 with SMTP id w13cs82704rvf; Mon, 19 Oct 2009 05:07:23 -0700 (PDT) Received-SPF: pass (google.com: domain of grbounce-ceibQwUAAAB4YPBqaDIjI2bFOCxyyh3G=chneukirchen=gmail.com@googlegroups.com designates 10.224.95.5 as permitted sender) client-ip=10.224.95.5; Authentication-Results: mr.google.com; spf=pass (google.com: domain of grbounce-ceibQwUAAAB4YPBqaDIjI2bFOCxyyh3G=chneukirchen=gmail.com@googlegroups.com designates 10.224.95.5 as permitted sender) smtp.mail=grbounce-ceibQwUAAAB4YPBqaDIjI2bFOCxyyh3G=chneukirchen=gmail.com@googlegroups.com; dkim=pass header.i=grbounce-ceibQwUAAAB4YPBqaDIjI2bFOCxyyh3G=chneukirchen=gmail.com@googlegroups.com Received: from mr.google.com ([10.224.95.5]) by 10.224.95.5 with SMTP id b5mr2433683qan.14.1255954042185 (num_hops = 1); Mon, 19 Oct 2009 05:07:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=beta; h=domainkey-signature:received:received:x-sender:x-apparently-to :received:received:received:received-spf:received:received:received :from:to:subject:date:user-agent:references:in-reply-to:mime-version :content-type:content-transfer-encoding:message-id:reply-to:sender :precedence:x-google-loop:mailing-list:list-id:list-post:list-help :list-unsubscribe:x-beenthere-env:x-beenthere; bh=hEZbEpRZ1qWoHR6pBIH1dKsBvgIdX39ZnNCElDUX1EQ=; b=TB+ySfRgdJj5oyPIvU3E34Uqu6FHwlnzKQh8H6NnqcEK/JTnBsa7wry38/DGH8fLVg H30kA5CL/tIQds4vvDYoO3xEFynzvWWaOnpR3Ry+kwKQ3+D7oBTaisA9BYMF3Wog1LzD wmPQatDX0qwTrQt+4oidqpeQQqP8bYmE1HL3E= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlegroups.com; s=beta; h=x-sender:x-apparently-to:received-spf:authentication-results:from :to:subject:date:user-agent:references:in-reply-to:mime-version :content-type:content-transfer-encoding:message-id:reply-to:sender :precedence:x-google-loop:mailing-list:list-id:list-post:list-help :list-unsubscribe:x-beenthere-env:x-beenthere; b=27xFRzE0ruOrnRKYUMpuCXKQrYUz2IQ6LvmbYboaKg/9JXF9HMAmhcnjFOPEqy4S2V 75Tf89xQpLai9BcntnM8VFfJap6+cfO4+w/SpDVShcSLF/YTB30T8e6DB8Q2aA7T+0xH aAL//c5/br0walg/PQO1Ufqz99srF1NcdYHoU= Received: by 10.224.95.5 with SMTP id b5mr235950qan.14.1255954042133; Mon, 19 Oct 2009 05:07:22 -0700 (PDT) Received: by 10.177.5.4 with SMTP id h4gr1705yqi.0; Mon, 19 Oct 2009 05:07:08 -0700 (PDT) X-Sender: ibc@aliax.net X-Apparently-To: rack-devel@googlegroups.com Received: by 10.211.132.10 with SMTP id j10mr454962ebn.3.1255954026814; Mon, 19 Oct 2009 05:07:06 -0700 (PDT) Received: by 10.211.132.10 with SMTP id j10mr454961ebn.3.1255954026783; Mon, 19 Oct 2009 05:07:06 -0700 (PDT) Return-Path: Received: from mail-ew0-f208.google.com (mail-ew0-f208.google.com [209.85.219.208]) by gmr-mx.google.com with ESMTP id 14si863465ewy.5.2009.10.19.05.07.06; Mon, 19 Oct 2009 05:07:06 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.219.208 is neither permitted nor denied by best guess record for domain of ibc@aliax.net) client-ip=209.85.219.208; Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 209.85.219.208 is neither permitted nor denied by best guess record for domain of ibc@aliax.net) smtp.mail=ibc@aliax.net Received: by ewy4 with SMTP id 4so970375ewy.13 for ; Mon, 19 Oct 2009 05:07:06 -0700 (PDT) Received: by 10.211.146.31 with SMTP id y31mr4859225ebn.72.1255954026581; Mon, 19 Oct 2009 05:07:06 -0700 (PDT) Return-Path: Received: from ibc-laptop.localnet (30.pool85-58-8.dynamic.orange.es [85.58.8.30]) by mx.google.com with ESMTPS id 23sm2740513eya.4.2009.10.19.05.07.05 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 19 Oct 2009 05:07:05 -0700 (PDT) From: =?utf-8?q?I=C3=B1aki_Baz_Castillo?= To: rack-devel@googlegroups.com Subject: Re: How to use Rack::Auth::Digest::MD5 Date: Mon, 19 Oct 2009 14:07:02 +0200 User-Agent: KMail/1.12.2 (Linux/2.6.28-15-generic; KDE/4.3.2; x86_64; ; ) References: <200910162033.57584.ibc@aliax.net> <391a49da0910190433u24652f90g4bfbca5d9807be8a@mail.gmail.com> <200910191354.00488.ibc@aliax.net> In-Reply-To: <200910191354.00488.ibc@aliax.net> MIME-Version: 1.0 Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <200910191407.03030.ibc@aliax.net> Reply-To: rack-devel@googlegroups.com Sender: rack-devel@googlegroups.com Precedence: bulk X-Google-Loop: groups Mailing-List: list rack-devel@googlegroups.com; contact rack-devel+owner@googlegroups.com List-Id: List-Post: List-Help: List-Unsubscribe: , X-BeenThere-Env: rack-devel@googlegroups.com X-BeenThere: rack-devel@googlegroups.com El Lunes, 19 de Octubre de 2009, I=C3=B1aki Baz Castillo escribi=C3=B3: > El Lunes, 19 de Octubre de 2009, Magnus Holm escribi=C3=B3: > > What about something like this? > > > > app =3D lambda do |env| > > [200, { 'Content-Type' =3D> "text/html" }, ['Logged in!']] > > end > > > > app =3D Rack::Digest::MD5.new(app) do |username, password| > > username =3D=3D "foo" && password =3D=3D "bar" > > end > > > > run app >=20 > Thanks, but what about if I just want to ask for authentication depending > on the URL? > For example: >=20 > I require authentication if the URL is: > http://domain.org/service1/users/alice@domain.org/index.xml >=20 > But I don't require authentication if the URL is: > http://domain.org/service1/global/index.xml >=20 > Also, there are cases in which I require Digest authentication if method = is > PUT but not for GET. Also, I don't know which user, password and *realm* I must use to generate = the=20 401 until I inspect the request. This is, in my previous example: http://domain.org/service1/users/alice@domain.org/index.xml The 401 should contain a "WWW-Authenticate" header with fields: =2D realm =3D domain.org =2D username =3D alice An the password (hassed ha1) would be retrieved from a DB. Is it possible? =2D-=20 I=C3=B1aki Baz Castillo