CharlesMaxWood

It seems that a lot of people are confused about what to do when it comes to requiring authentication for their Ruby on Rails application. Here are a few links that helped me figure things out.

1. Authlogic

Authlogic is the authentication plugin for Ruby on Rails that I use when I need one. It apparently has plugins that extend it for role-based permissions, but I haven’t used any of them, opting to build my own instead. Maybe on the next project.

2. Restful Authentication

Restful Authentication has been the standard authentication plugin/gem for Ruby on Rails for a long time. It works nicely and has hooks for role authorization. The problem I’ve had with it is that it feels a little clunky. I haven’t tried it out in a while, maybe I’ll dust it off and write a tutorial on using it.

One thing I will say for it is that it established the standard for using REST in authentication, which simplified the interface and the approach to authentication with Ruby on Rails.

3. Securely store passwords with bcrypt-ruby; now compatible with JRuby and Ruby 1.9

This article covers the basics of password hashing and salting. It explains the why’s and glosses over the how’s. One thing I hadn’t considered was using a slow algorithm rather than a fast one and its advantages. Check this one out if you’re new to authentication.

4. Simple and Restful Authentication for Ruby on Rails

If you’re looking to build your own authentication system or would like to understand some of the basic inner workings of other authentication systems. Robert Sosinski has done an excellent job explaining authentication and how to do it.

5. Authentication with Rails Metal

This is an example I came up with for managing authentication through Rails Metal. Rails Metal is an extremely fast and efficient way of handling requests to your Ruby on Rails application.

6. Clearance

I’d heard a bit about Clearance and wanted to try it out. I’ve found that it’s extremely easy to set up and use. In fact, after trying it out, I may use it on my next project. You’ll be pleasantly surprised at how simple it is.

7. RPXNow.com

RPX is an OpenID authentication solution. It allows users to use their logins from Facebook, Google, and several other providers. It’s free for up to 6 providers. The nice thing is that it has a gem that integrates nicely with your Ruby on Rails application.

8. Module
ActionController::HttpAuthentication::Basic

Ever wish that Rails came with its own built in authentication solution? Guess what? It does! This is the documentation complete with examples written by the Rails Team. It’s definitely worth a look.

9. Ruby on Rails LDAP Integration

Let’s face it. Sometimes we find ourselves needing to integrate with other systems. This is an extremely clear explanation on how to integrate your Rails authentication with LDAP, or more specifically Microsoft’s Active Directory service.

Many open source folks sort of shun Microsoft products, but in certain parts of the real world, businesses are using Windows. If you have the need, or are using LDAP on Linux, this tutorial is a life saver.