Module: WEBrick::HTTPAuth
Relationships & Source Files | |
Namespace Children | |
Modules:
| |
Classes:
| |
Defined in: | lib/webrick/httpauth.rb, lib/webrick/httpauth/authenticator.rb, lib/webrick/httpauth/basicauth.rb, lib/webrick/httpauth/digestauth.rb, lib/webrick/httpauth/htdigest.rb, lib/webrick/httpauth/htgroup.rb, lib/webrick/httpauth/htpasswd.rb, lib/webrick/httpauth/userdb.rb |
Overview
HTTPAuth
provides both basic and digest authentication.
To enable authentication for requests in ::WEBrick you will need a user database and an authenticator. To start, here's an Htpasswd database for use with a DigestAuth authenticator:
config = { :Realm => 'DigestAuth example realm' }
htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file'
htpasswd.auth_type = WEBrick::HTTPAuth::DigestAuth
htpasswd.set_passwd config[:Realm], 'username', 'password'
htpasswd.flush
The :Realm
is used to provide different access to different groups across several resources on a server. Typically you'll need only one realm for a server.
This database can be used to create an authenticator:
config[:UserDB] = htpasswd
digest_auth = WEBrick::HTTPAuth::DigestAuth.new config
To authenticate a request call #authenticate
with a request and response object in a servlet:
def do_GET req, res
@authenticator.authenticate req, res
end
For digest authentication the authenticator must not be created every request, it must be passed in as an option via HTTPServer#mount.
Class Method Summary
- ._basic_auth(req, res, realm, req_field, res_field, err_type, block) mod_func
-
.basic_auth(req, res, realm, &block)
mod_func
Simple wrapper for providing basic authentication for a request.
-
.proxy_basic_auth(req, res, realm, &block)
mod_func
Simple wrapper for providing basic authentication for a proxied request.
Class Method Details
._basic_auth(req, res, realm, req_field, res_field, err_type, block) (mod_func)
[ GitHub ]# File 'lib/webrick/httpauth.rb', line 56
def _basic_auth(req, res, realm, req_field, res_field, err_type, block) # :nodoc: user = pass = nil if /^Basic\s+(.*)/o =~ req[req_field] userpass = $1 user, pass = userpass.unpack("m*")[0].split(":", 2) end if block.call(user, pass) req.user = user return end res[res_field] = "Basic realm=\"#{realm}\"" raise err_type end
.basic_auth(req, res, realm, &block) (mod_func)
Simple wrapper for providing basic authentication for a request. When called with a request req
, response res
, authentication realm
and block
the block will be called with a username
and password
. If the block returns true the request is allowed to continue, otherwise an HTTPStatus::Unauthorized
error is raised.
# File 'lib/webrick/httpauth.rb', line 78
def basic_auth(req, res, realm, &block) # :yield: username, password _basic_auth(req, res, realm, "Authorization", "WWW-Authenticate", HTTPStatus::Unauthorized, block) end
.proxy_basic_auth(req, res, realm, &block) (mod_func)
Simple wrapper for providing basic authentication for a proxied request. When called with a request req
, response res
, authentication realm
and block
the block will be called with a username
and password
. If the block returns true the request is allowed to continue, otherwise an HTTPStatus::ProxyAuthenticationRequired
error is raised.
# File 'lib/webrick/httpauth.rb', line 90
def proxy_basic_auth(req, res, realm, &block) # :yield: username, password _basic_auth(req, res, realm, "Proxy-Authorization", "Proxy-Authenticate", HTTPStatus::ProxyAuthenticationRequired, block) end